Fake emails that claim to offer security advice from Microsoft are cloaking the presence of a password-stealing Trojan horse, security experts have warned.
The bogus emails claim to come from 'patch@microsoft.com' with the warning that a hole has been found in the Microsoft WinLogon service that could 'allow a hacker to gain access to an unpatched computer'.
However, if you click on a link in the email to download the patch you will actually be redirected to a non-Microsoft website that downloads the BeastPWS-C Trojan horse, which is a keylogger capable of spying on your system and stealing passwords.
"People are slowly learning that Microsoft does not email out security fixes as attachments, but they must also learn to be careful of blindly clicking on links to download fixes without checking that the email is legitimate," said Graham Cluley, senior technology consultant at Sophos.
According to Sophos, when first installed the Trojan horse displays a message, which says: 'Microsoft WinLogon Service successfully patched', when in fact it is secretly logging keystrokes and sending them to the hacker's email address.
Mr Cluley added: "The hackers are playing a dangerous game, because if Microsoft finds out who is responsible for besmirching its name, it's more than likely to throw the full force of the law at them. Security is becoming a hot topic for the software giant, and it doesn't want malware and spam to sully its public image through this kind of criminal activity."
Topic: Fake Microsoft emails hide Trojan spy (Read 617 times)