Fake Microsoft

Skevos discovers a new low in computer viruses.

Phew. There’s nothing like a fresh WindowsXP installation to make you realise how many people out there must have virus-riddled PCs – after all, my new installation of XP can’t be to blame, can it? I’ve been getting all the usual spam lately – Nigerian opportunities to lose all my money, pills to make me hallucinate that my breasts are larger, the chance to buy fake degrees to ruin my career prospects, etc etc. But I’ve started getting a lot more of those disguised emails that attempt to trick me into running their attachments. The days of simple emails that state “open the attachment for a fireworks animation!” are gone. These days they are disguised as all manner of innocent or important-sounding things, and I’ve learned to ignore them all. Yet the latest virus email to quietly slither into my inbox is almost a work of genius in its presentation.

I have just a hard drive die on me – the last of my IBM drives (two months within its three-year warranty, but should I bother making a claim when all I’ll get is another potentially-dodgy IBM drive?). To be fair it had had a hard life as a video drive before I made it my C drive. One of the good things about being a data-backup-paranoia-freak is that I decided long ago to only put my OS (Windows) and installed programs on my C drive – no data. So I lost none of my own work when the drive died, and installing programs is tedious but not heart-breaking

So here I am with a fresh C drive and a shiny new install of WindowsXP and I’m still getting email viruses sent to me and sometimes they even appear to be from me. Given my new install of XP, and the fact that I use Mozilla for email not Outlook, this means that there must be people out there with my email address in their address book that are infected with viruses (virii?), and these virus-riddled PCs are sending me spoof emails trying to trick me into installing the virus here. Worst still is that they are probably sending out viruses to people that appear to be coming from me.

Today I got the “best” (most devious) email virus I’ve ever received. You can see a harmless copy of it on this Snopes page:

Swen-A virus information from Snopes.

Take a look at the email that is reproduced on that page – someone put quite a bit of effort into it. What worries me about this virus (which isn’t that new it seems, but I’ve never seen it before) isn’t the virus itself but the email that delivers it. It looks quite like the Microsoft website in layout and graphics. I would confidently say that more than half of the people I know would read this email, see that it looks sort of like the Microsoft web site, notice that the links in the email really do lead to the Microsoft web site, and then they would double click the attachment without a second thought. It even looks like a Microsoft update when it installs itself:

Symantec information on the Swen-A virus.

It didn’t fool me because I happen to know that Microsoft never sends updates out via email attachments, but I’ll admit it made me look twice. A lot of computer users aren’t aware that Microsoft only distributes updates via its web site and Windows internal update services, and never via email attachments. In fact, some users I’ve met don’t even make a strong distinction between the web and email at all (after all, a lot of emails look like web pages now days, and a lot of users use their web browsers to check their emails). And if people are fooled by plain text emails that say “run the attachment for a fun animation!” then they’re bound to be fooled by this one.

So – if you’ve ever seen the email above and think you may have run its attachment, please follow the links on that page and make sure you’ve removed it. Please. Lately I’ve been getting a bit more spam and a lot more virus emails from infected systems. So at least one person out there that knows me has an infected PC. And if you’ve received an email virus that seems to have come from me, I assure you it didn’t!