Windows patch, iPod exploited in e-mail scams

Fake patches, rogue invoices make the rounds as spammers keep trying to fool people into installing Trojans on their PCs.

Fake Windows security patches and rogue iPod invoices have been making the rounds this week as spammers continue trying to fool people into installing Trojans on their PCs.

Internet threat-monitoring firm Websense issued an advisory on Wednesday about a fake e-mail that encourages recipients to install a patch to fix a Windows vulnerability described in Microsoft security bulletin MS05-039.

According to Websense country manager Joel Camissar, the e-mail is likely to have some success because it exploits users' fears that their systems may be vulnerable.

"People are still falling for this. It is very easy for a hacker to take advantage of the fear created in the marketplace," Camissar said.

He said users may fall for the scam because they want to "make sure their system is patched to protect it from being infected by all these nasties."

The scam is a technical improvement on early attempts to trick users into installing Trojans because it rides on the back of an actual vulnerability that was patched by Microsoft earlier this month.

Antivirus firm Sophos warned consumers on Wednesday that spammers are sending out fake "order tracking" e-mails that claim the recipient will soon receive an Apple Computer iPod by Fed-Ex and around $500 has been debited from their e-gold account.

According to Sophos, the e-mail arrives with a subject line that says "Track your order" and the e-mail contains the following text:

Dear *e-mail address*,

Please read the following message carefully.

We notify that your order was approved and shipped to you via FedEx 2Day Service, track 792531968828.

The amount of $479.95 USD was recieved from your e-gold account. The details of transaction and specification of chosen product we send you in self-extracting compressed-zip file.

Read it carefully to make sure that there's no mistakes in characteristics of chosen product. We appreciate your choice!

According to the rules, refund must be based on your original method of payment. Any requests to refund using e-gold are not accepted if the payment method was credit card.

IPod For Your, Yahoo Shopping.

The e-mail contains an attachment called, which if unpacked contains an executable file called OrderInfo.exe. Once executed, the file attempts to download further malware from the Internet.

Graham Cluley, senior technology consultant for Sophos, said in a statement that the e-mail shouldn't be too difficult to spot. "With luck the spelling mistakes in the e-mail will warn many users that there is something not quite right...Additionally, anyone who doesn't use e-gold should be able to smell a rat when it is claimed that almost $500 has been taken from their account."

Munir Kotadia reported for ZDNet Australia.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

The WRT1900ACS is Linksys' new best Wi-Fi router to date

CNET editor Dong Ngo compares the new WRT1900ACS and the old WRT1900AC Wi-Fi routers from Linksys. Find out which one is better!

by Dong Ngo