The bad guys are at it again, attempting to trick users to install another version of fake/rogue Anti-virus software. This time they are going back to a classic format, email. Emails are now circulating that claim to be from the “Microsoft Windows Computer Safety Team” and look very legitimate, I have seen a couple in my own email. The emails (example below) claim that Conflicker is back and is infecting pc’s and that Microsoft received a notification from your internet provider and is sending you a “fix” to clean your machine. The “fix” is actually Antivirus Pro 2010, one of the many scareware files that Tech Geek and More has talked about in the past (http://techgeekandmore.wordpress.com/category/spyware/ (http://techgeekandmore NULL.com/category/spyware/)).
Please be aware that Microsoft (or any other software company) does not just randomly send out emails asking you to install things or asking for your information. Microsoft uses its many software pages like Bing.com or MSN.com (http://www NULL.msn NULL.com/) or Microsoft.com if it wanted to pass along an official notice, and it uses Windows update service (http://windowsupdate NULL.microsoft NULL.com) (Windows Update.Microsoft.com (http://windowsupdate NULL.microsoft NULL.com) for users of XP or earlier, built into Windows for Vista and Win7 users) for its downloads. It would never just randomly send you a file to install.
*******Example of Letter not from Microsoft************
“Dear Microsoft Customer,
Starting 18/10/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected. To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.
Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.
Regards,
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division
**********************************************
I have highlighted (In Bold) some of the clues in the email that should tell you that this is a fake
Date: 18/10/2009 – This is not U.S. Standard
Microsoft has been advised by your Internet provider that your network is infected – When Microsoft is advised by its partners or even by technology geeks in the general public who find ways that a Microsoft Product can be exploited, they issue press releases thru the media or thru there own web pages (as noted above) and all fixes are issues there Microsoft sites for all users of the affected Microsoft Product.
We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus. – Again Microsoft would never do this as this would be the most counter productive measure, most people have more than 1 email address and many don’t use the email provided by the internet provider (How many of you use @Comcast or @Fios email versus @Hotmail or @Gmail), how do you think Microsoft would actually know what emails to use.
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division – At least in my email conversations with Microsoft, the name of the person sending me the email appears in the signature. Additionally, if you do a search online for the “Microsoft Windows Computer Safety Division”, you will find that Microsoft does not have a division by that name.
(Soapbox) The bottom line, is that its up to you the user to USE YOUR BRAIN when your online. When you go out, you make sure you lock your door, set your home alarm, set your car alarm, pay attention to your surroundings when you go to a public place, you don’t just leave your wallet or purse on a table or counter in a restaurant or store (or at least I hope you don’t). In cyberspace just because you are not physically there, doesn’t mean that you don’t need to take the same precautions than what you do in real life. (End of Soapbox)