Threat Research & Response Blog
Over the last couple of days we've seen some spam claiming to be from Microsoft, providing a free scan to remove Conficker. Here's an example:
The link actually takes you to a typical fake online scanner page used to serve up a rogue security scanner:
In this case the page tries to get you to download TrojanDownloader:Win32/Renos.HL which in turn installs the rogue Trojan:Win32/WinSpywareProtect. You can read tips on how to recognize and avoid fraudulent e-mail.