[Nodxa] (AF8C) More news on computer security threats

[Williams, G (AF8C)]

----------------------------------
Sent: Saturday, June 30, 2007 7:01 PM Subject: LCCUG Security Alert: bogus 
Microsoft email threat

Note from LCCUG: We thought this was important enough that we should warn 
all of our members:

Don't touch that Microsoft Security Bulletin email

By John Oates

Published Thursday 28th June 2007 12:15 GMT

Do not be tempted into opening an email with the subject line: "Microsoft 
Security Bulletin MS07-0065"
because it is no such thing.

The email is not from Microsoft and contains a link to a webpage containing 
a trojan (disguised
malware). The emails contain real people's names and the company they work 
for and looks like a genuine
Microsoft email.

The mail looks pretty convincing and includes Microsoft and Windows logos. 
It claims that a zero-day
vulnerability has been found that would allow hackers to get into machines 
running Outlook. The mail
claims 100,000 machines have already fallen foul of the vulnerability.

There's more from Sophos here. 
(http://sophos.com/pressoffice/news/articles/2007/06/bogusmspatch.html)

Graham Cluely, senior tech consultant for Sophos, said the attempted attack 
actually showed there was
increased awareness of computer security because hackers are now using 
social engineering to take
advantage of this improved understanding.

He said: "The irony is that as awareness of computer security issues has 
risen, and the need for
patching against vulnerabilities, so social engineering tricks that pose as 
critical software fixes are
likely to succeed in conning the public."®

Original URL: http://www.channelregister.co.uk/2007/06/28/outlook_bug_isnot/

-----------------
NNNN


-- 
No virus found in this outgoing message.
Checked by AVG Free Edition. 
Version: 7.5.476 / Virus Database: 269.9.14/882 - Release Date: 6/30/2007 3:10 PM