Have you received an email seemingly from Microsoft’s security team telling you to “Update your Windows”? Have you been sent a file called KB453396-ENU.zip and told to run it on your Windows computer?
Well, think twice before following the instructions.
Cybercriminals are up to their old tricks, spreading malware under the disguise of a critical security patch from Microsoft.
In the current example, they’ve spammed out an email containing a worm, which even quotes the real name of a senior member of Microsoft’s security team – Steve Lipner – to try to fool you into believing it is genuine.
The emails have a subject line of “Update your Windows” and contain the following text:
Of course, Mr Lipner has nothing to do with the emails and Microsoft never distributes security updates via email attachments. Nevertheless, there have been a series of…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.