Since yesterday, we have detected a flood of email messages that seem to have been sent by Microsoft informing users that their network is infected with the worm Conficker with the purpose to distribute rogueware. Weâ€™ve seen around 2,500 in a few hours.
Weâ€™ve seen similar spam campaigns before, in April 2009 and in October 2009. And itâ€™s not surprising that weâ€™re seeing another campaign now, as the Conficker worm is still infecting computers and networks all over the world though more than one year has passed since its first appearance in December 2008.
The message is like the following:
This email, which seems to have been sent by the Microsoft team, informs users of a Conficker alert which is causing infections on many computers and networks, yours among them.
For this reason, Microsoft advises you to install an antispyware program and carry out a free system scan that will disinfect your computer. In order to do so, you have to install the attached file.
If you run and install it, youâ€™ll be installing an antispyware program that will carry out a system scan and will warn you that your computer is infected by displaying annoying messages. So, after having read the email, you may think your computer was really infected by Conficker.
However, itâ€™s just a bait to trick users and install the rogueware SecurityTool, which is a fake antivirus whose purpose is to make you think that your computer is infected and to persuade you to purchase it. It also prevents the executable files from being run and hides the icons of the Desktop, not allowing you to work with the computer.
If you receive a message like this and you want to make sure that your computer is not infected, carry out a scan with your antivirus program and in case you haven’t any installed, you can use Activescan, Panda Security’s free online scanner.