Hello Michael and GP-UK,
On Wednesday, August 5, 2009, at 8:46:17 PM, Michael wrote:
> I've just received an interesting phishing mail which invites me to
> download a "critical update" for Outlook and Outlook Express "which
> offers the highest level of security and stability".
> I was immediately suspicious, because if you wanted the highest level of
> security and stability you probably wouldn't choose Microsoft products.
> But what really exposed the scam was the following information:
> File Name: officexp-KB910721-FullFile-ENU.exe
> Version: 1.4
> Date Published: Tue, 4 Aug 2009 17:22:30 -0300
> Language: English
> File Size: 81 KB
> I don't think the Microsoft Corporation has released an executable file
> smaller than a megabyte since about 1985.
If you examine the HTML part of the email, you will find that the link
to that file, i.e. the normally 'hidden' href, is incontrovertibly
*not* a Microsoft site. In addition, the minor fact that Microsoft do
not distribute security patches via email may have some significance.
The monthly cycle of Microsoft security updates is well publicised on
the SANS Internet Storm Center site.
http://isc.sans.org/
In fact the current diary entry at the time of writing informs us of a
pending raft of security updates to ...er ... Mac OS X v10.5.8. :-)
Chris
--
Chris Salter mailto:[log in to unmask]
Lincolnshire Post-Polio Network http://www.lincolnshirepostpolio.org.uk/
Polio and Post-Polio News http://mt.lincolnshirepostpolio.org.uk/pandppnews/
|