Thursday, June 25, 2009

Fake Microsoft Outlook Security Update

There is an e-mail circulating with the subject "Microsoft Outlook Critical Update" which is very real looking, but very fake and dangerous.

The URL pointing to the "critical update" looks legitimate, but hovering over the hyperlink (or checking the source code of the mail) will show that the link leads to a totally different destination.

Sophos Labs indicates that the URL leads to the download of "a backdoor banking Trojan which allows a remote user to access and steal sensitive data and provides an intruder with remote access to the compromised system."

Remember that Microsoft will never send updates via a direct e-mail. Updates should be installed directly from the official Microsoft Update website at http://update.microsoft.com.

Welcome to the Cavu Networks blog

Welcome to the blog for Cavu Networks. We will use this blog to present and discuss information, tips and news worthy items about small business technology to our customers and colleagues.