Companies, including Microsoft, do not send updates by email. They use other methods to tell their users about updates, then expect users to download the updates themselves. Attachments in emails are generally bad.
So the following email I received is clearly an attempt to spread malware. It’s an email that claims to be from Microsoft, but a quick look at the email’s header shows that it came from branchen4u.de, not Microsoft.
So apart from the suspicious attachment and forged sender address, the other thing that tipped me off is that I don’t actually use Microsoft Outlook or Outlook Express.
Below is a copy of the infected email:
Microsoft has released an update for Microsoft Outlook / Outlook Express. This update is critical and provides you with the latest version of the Microsoft Outlook / Outlook Express and offers the highest levels of stability and security.
* Install Update for Microsoft Outlook / Outlook Express (KB910721). To do this, follow these steps:
1. Run attached file officexp-KB910721-FullFile-ENU.exe
2. Restart Microsoft Outlook / Outlook Express
* Supported Operating Systems: Windows 2000; Windows 98; Windows ME; Windows NT; Windows Server 2003; Windows XP; Windows Vista
* This update applies to the following product: Microsoft Outlook / Outlook Express
There was a zip file attached that contains the Bredolab trojan. If the trojan is installed, it runs quietly in the background, downloading viruses and other malware.
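The two warning signs described in this post, a sender that claims to be Microsoft while the headers point at another domain and an executable hidden inside a zip attachment, can be checked mechanically at a mail gateway. The following is an added example, not part of the original post: the sample message is constructed, and the display name, the `Return-Path` local part, the `microsoft.com` expected domain and the extension list are assumptions.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

RISKY_EXT = (".exe", ".scr", ".pif", ".com", ".bat")

def build_sample() -> bytes:
    """Constructed message modelled on the email above; the payload is inert text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("officexp-KB910721-FullFile-ENU.exe", b"inert placeholder")
    msg = EmailMessage()
    msg["From"] = "Microsoft Customer Support <no-reply@microsoft.com>"  # constructed
    msg["Return-Path"] = "<bounce@branchen4u.de>"  # local part is constructed
    msg["Subject"] = "Update for Microsoft Outlook / Outlook Express (KB910721)"
    msg.set_content("Run attached file officexp-KB910721-FullFile-ENU.exe")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="officexp-KB910721-FullFile-ENU.zip")
    return msg.as_bytes()

def analyse(raw: bytes, brand="microsoft", expected="microsoft.com") -> list:
    """Return findings for brand/domain mismatch and executable attachments."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    display, from_addr = parseaddr(str(msg.get("From", "")))
    _, env_addr = parseaddr(str(msg.get("Return-Path", "")))
    if brand in display.lower():  # sender claims the brand: its domains must agree
        for label, addr in (("From", from_addr), ("Return-Path", env_addr)):
            domain = addr.rpartition("@")[2].lower()
            if domain and domain != expected and not domain.endswith("." + expected):
                findings.append(f"{label} domain {domain} is not {expected}")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        members = [name]
        if name.lower().endswith(".zip"):  # look inside the archive, not just at it
            try:
                with zipfile.ZipFile(io.BytesIO(part.get_content())) as z:
                    members = z.namelist()
            except zipfile.BadZipFile:
                findings.append(f"unreadable zip attachment: {name}")
        findings += [f"executable in attachment: {m}" for m in members
                     if m.lower().endswith(RISKY_EXT)]
    return findings

if __name__ == "__main__":
    for finding in analyse(build_sample()):
        print(finding)
```

`Return-Path` is itself supplied by the sending side, so a mismatch is a useful signal but a match proves nothing about who sent the message.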
So again, don’t trust unsolicited emails. I didn’t ask Microsoft to email me patches, so this one was unsolicited. And it turns out it contained a trojan.
You should also have a good antivirus package installed.