A new wave of malicious spam is using fake Windows security alerts to deliver its payload. According to Microsoft, the emails claim the alerts are part of a new, experimental and private version of an update for all Microsoft Windows OS users.
The recipient is prompted to download an attached file containing the alleged update, which is really a Trojan called Win32/Haxdoor. It records passwords, credit card numbers and other personal information and sends them to the scammers. Fortunately this Trojan is detected by antivirus programs and the Windows Malicious Software Removal Tool. Read the rest of this article