Spam claiming to be from Microsoft and offering download links to Internet Explorer 7.0 and Windows Malicious Software Removal Tool appear in the wild, the Trend Micro Content Security Team has reported.
Here are screenshots of sample emails:
To buy themselves some credibility, spammers added what seems to be a disclaimer from MSN Featured Offers, which is a newsletter service by MSN, where users subscribe to “offers” from a number of categories. MSN then sends certain discounts and offers to the subscribers depending on the category they have chosen.
Upon clicking the links, malicious files are downloaded onto the user’s system. Trend Micro detects the downloaded files as TROJ_RENO.ADX and TROJ_MONDER.HM.
Supposed software updates are commonly used by criminals to mask malware. Last May, fake Microsoft updates were spammed; they installed a file infector onto systems. Most recently, bogus Yahoo!Messenger updates delivered malware, too.
Trend Micro users are already protected by the Smart Protection Network; other users should exercise care if this scam arrives in their e-mail.