Ken Colburn: A good practice whenever you receive any suspicious e-mail warnings is to copy the first paragraph and paste it into Google as a search.
Q. Is the Conficker worm making the rounds again or are the e-mail warnings a hoax? - Leslie
A. The current crop of 'Conficker.B' e-mail warnings that are purporting to be from Microsoft are in fact a hoax that's trying to infect computers with the fake 'Antivirus 2010' program.
This is just another example of the creative methods that are constantly being generated to trick folks into installing fake security software onto their computer, which then coaxes them to purchase the 'fix' for a fake infection.
A recent study claimed that more than 250 different types of 'scareware' programs are in circulation, and this is just the most recent attempt to get people to give up credit card information for a fake infection.
In general the subject line refers to a 'Conficker.B Infection Alert' and the body of the message reads:
Dear Microsoft Customer,
Starting 18/10/2009 the 'Conficker' worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected. To counteract further spread we advise removing the infection using an antispyware program. We are supplying all affected Windows Users with a free system scan in order to clean any files infected by the virus.
Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division
The message is accompanied by a file attachment that has varying names, but usually has the ".zip" extension.
If you are paying attention, you should be able to spot many red flags from this message.
The first one is the date format (18/10/2009) which is not common in the U.S., and the second is the poor grammar ("unusually rapidly").
What isn't as obvious to nontechnical users is that Microsoft would never be contacted by your Internet provider if your network was truly infected. If anything, your Internet provider would shut your connection down or disable your ability to send e-mail if your system was infected with many of the silent malware programs that silently spew out spam.
Microsoft would never send a file attachment (they always use links back to their Web site) and you should never trust any ".zip files" (compressed files that could contain virtually anything inside) unless you are absolutely certain of the contents.
Finally, I have yet to see any official Microsoft e-mail message that has a salutation starting with "Regards" and there is no such thing as the "Microsoft Windows Computer Safety Division."
The only security warnings that you will ever get e-mailed to you from Microsoft would come as a result of you proactively signing-up for their security bulletins and the format of the messages always starts with "Begin PGP Signed Message."
A good practice for the future whenever you receive any suspicious e-mail warnings is to copy the first paragraph and paste it into Google as a search. If the information is legit, you will find sites that confirm the information. If it's a fake, you will quickly get confirmation as well.
Ken Colburn is president of Data Doctors Computer Services and host of the "Computer Corner" radio show, which can be heard at noon Saturdays on KTAR (92.3 FM) or at www.datadoctors.com/radio. Readers may send questions to firstname.lastname@example.org.