Over the last couple of days we've seen some spam claiming to be from Microsoft, providing a free scan to remove Conficker. Here's an example:

Misleading email

The link actually takes you to a typical fake online scanner page used to serve up a rogue security scanner:

Screenshot

In this case the page tries to get you to download TrojanDownloader:Win32/Renos.HL which in turn installs the rogue Trojan:Win32/WinSpywareProtect. You can read tips on how to recognize and avoid fraudulent e-mail.

--Hamish O'Dea