Spoofed Microsoft Internet Explorer 7 Update site installs a trojan
SurfControl Threat Analysis teamÃ‚Â has receivedÃ‚Â a spoofedÃ‚Â e-mail message, claiming to be from firstname.lastname@example.org, which offers a link to download Release Candidate 1 ofÃ‚Â MicrosoftÃ‚Â Internet ExplorerÃ‚Â 7.
This threat takes advantage of the release of Internet Explorer 7 by Microsoft last week.Ã‚Â If the recipient of the e-mailÃ‚Â clicks on the providedÃ‚Â links a website is launched thatÃ‚Â looks very similar to a legitimate Microsoft page, however, itÃ‚Â installs a Trojan DownloaderÃ‚Â via a browser exploit targeted at Internet Explorer, and effectively creates a backdoor on the infected system.
-Ã‚Â Spammer sends an email from a spoofed Microsoft address to increase level of trust.
-Ã‚Â Takes advantage of recent update to Microsoft Internet Explorer.
-Ã‚Â Uses aÃ‚Â webpageÃ‚Â that mimics the Windows updateÃ‚Â site.
-Ã‚Â Installs a Trojan downloader effectively creating a backdoor on the infected system.