Have you received an email seemingly from Microsoft’s security team telling you to “Update your Windows”? Have you been sent a file called KB453396-ENU.zip and told to run it on your Windows computer?
Well, think twice before following the instructions.
Cybercriminals are up to their old tricks, spreading malware under the disguise of a critical security patch from Microsoft.
In the current example, they’ve spammed out an email containing a worm, which even quotes the real name of a senior member of Microsoft’s security team – Steve Lipner – to try to fool you into believing it is genuine.
The emails have a subject line of “Update your Windows” and contain the following text:
Of course, Mr Lipner has nothing to do with the emails and Microsoft never distributes security updates via email attachments. Nevertheless, there have been a series of…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.