IT Consulting News: Windows Patch and iPod Targeted by E-Mail Scam

The latest items plaguing the IT consulting world are fake Windows security patches and faulty iPod invoices. These two items have been cropping up and are designed to get people to put Trojans on their PCs.

Internet IT consulting security firm Websense posted an advisory Wednesday calling attention to fake e-mails that try to get users to install a fake patch for a Windows vulnerability that was described in the recent security bulletin by Microsoft. The e-mail may be at least somewhat successful according to experts because of the recent vulnerabilities exposed in the Windows software.

Also in IT consulting news is an announcement by the antivirus IT consulting firm Sophos advising users about fake order tracking e-mails that claim that the user will soon get an iPod via Fed-ex and that approximately $500 has been deducted from their e-gold account. The e-mail is attached to a subject line entitled “Track your order” and contains specific text that can be seen in its entirety in the above link.

This specific iPod e-mail has an attachment called “OrderInf.zip” that when unzipped has a file called OrderInfo.exe. Once a user executes this file, it attempts to download more malware from the web.

Experts assert that the e-mails are not hard to spot, and that particularly the iPod e-mail is wrought with misspellings that should be easily identified.

Added By: Joshua Feinberg