Thursday, April 09, 2009 1:25 PM
by
mmpc
Cashing in on Conficker's Bad Name
Over the last couple of days we've seen some spam claiming to be from Microsoft, providing a free scan to remove Conficker. Here's an example:
The link actually takes you to a typical fake online scanner page used to serve up a rogue security scanner:
In this case the page tries to get you to download TrojanDownloader:Win32/Renos.HL which in turn installs the rogue Trojan:Win32/WinSpywareProtect. You can read tips on how to recognize and avoid fraudulent e-mail.
--Hamish O'Dea
