Phishing scam targets Microsoft anti-piracy

By

Phishers are using Microsoft's Genuine Advantage Program as a cover to defraud email users of money, according to security experts.

An advisory statement from Websense Security Labs said a spoofed email claiming to be from Microsoft's security department tells recipients that they are using an illegal copy of Windows and asks them to visit a site where they can give their credit card details. The email also attempts to install a Browser Helper Object (BHO) DLL file which is a spyware application.


Another email, also claiming to be from Microsoft, offers to download a security tool to help users "feel more secure on the web". This is also a BHO spyware file.

The company also warned about an apparent hole in Yahoo's search engine that phishers are using to redirect users to fraudulent websites. The company said it had seen a variety of attacks using this technique to "alleviate email SPAM filters and other URL filters". It said it had contacted Yahoo's security team about the flaw.

In other Microsoft news the software giant today released 13 security advisories. SC reported last week that the advisory contains patches for a range of Microsoft programs, many of which are rated critical.

Websense advisory

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

Log In

  |  Forgot your password?