Beware: Fake Microsoft "security" spam conceals virus

MICROSOFT NEVER sends you emails with patch fixes embedded in them - and you only get security alert notices if you've opted in.

So beware a particularly pernicious message that's doing the rounds. This one, claiming to come from "Microsoft Corporation Public Support" looks highly convincing, as you can see from the screenshot below, comes with an attachment called Q934821.exe which you shouldn't click under any circumstances.

In fact, and if you're concerned about holes and other Microsoft security information, you should go to this page.

Here's what the fake Microsoft email looks like, with the fake subject line "New Network Patch". The same rubbish is masquerading under different email headers, such as "Use this patch immediately", and "Newest Internet Critical Pack". It's an attack.

According to Ken Dunham, malicious code intelligence manager at iDEFENSE, the virus is the Swen virus. There have been over 30,000 interceptions in its first 24 hours and is particularly dangerous to home users. If the .exe file is run, it tries to steal information from a computer, and communicates with 230 remote IP addresses once it has infected a machine. It also communicates with a remote website. Dunham said earlier today that this remote website was reporting 1,407,079 infected PCs. He said: "The worm is very widespread and is gaining ground worldwide".

This also, of course, uses Microsoft logos, so the software firm can take action against the spammers. Our Web Mail Tracker will trace back the emails to their source. µ