The Inquirer-Home

Hackers create bogus Microsoft Services Agreement email to exploit users

Installs malware based on an exploit in Oracle's Java software
Tue Sep 04 2012, 10:53

HACKERS are using a recent Microsoft email notification regarding changes in its Services Agreement to trick people into installing malicious programs based on an exploit in Oracle's Java software.

The SANS Institute's Internet Storm Centre issued warnings about the rogue emails at the weekend, saying that they are based on a 27 August communication from Microsoft about popular products such as Hotmail and Skydrive.

"We're receiving multiple reports of a phishing campaign using the template from a legitimate Microsoft email regarding Important Changes to Microsoft Services Agreement and Communication Preferences," SANS Internet Storm Centre security incident handler Russ McRee said in a blog post.

"The evil version of this email will subject [the] victim to a hyperlink that will send them to a Blackhole-compromised website, which will in turn deliver a fresh Zeus variant."

McRee said that this type of attack is effective because it requires no user interaction to achieve its goal.

Security firm Sophos said in a blog post that the attacks have prompted "renewed calls for internet users to disable Java on their systems" as they await an update from Oracle to fix the Java vulnerabilities.

Microsoft acknowledged the malware when responding to a user question regarding the fake email, and advised users not to click on any links.

"If you received an email regarding the Microsoft Services Agreement update and you're reading your email through the Hotmail or Outlook.com web UI, the legitimate email should have a Green shield that indicates the message is from a Trusted Sender," Microsoft representative Karla L said on the firm's Answers website.

"If the email does not have a Green shield, you can mark the email as a Phishing scam. Do not click through the links in the email if you are not sure it is safe." µ

 
