E-mail users are being warned of a widespread malicious attack that poses as an invitation from Microsoft to download a beta version of Internet Explorer 7.0.
The emails, which claim to come from firstname.lastname@example.org and have the subject line "Internet Explorer 7 Downloads", display an image which invites users to download beta 2 of Internet Explorer 7.
However, users who click on the image will download a file called ie7.0.exe which is infected by the Grum-A worm. Users who download the worm risk losing data and leaving their machines open to hackers.
"Worms like this are only succeeding in spreading because so many people have still not learned to be suspicious of unsolicited emails, even if they claim to come from well-known companies like Microsoft,"
said Graham Cluley, senior technology consultant at internet security software firm Sophos.
He said, "The problem is that to the casual observer the e-mail looks genuine, and the image displayed looks near-identical to the imagery that Microsoft is using on its website to promote Internet Explorer 7.0.”
Clicking on the image however, doesn't download the real beta - but malicious code straight from the hackers.
The Grum worm is an appender virus which infects executable files referenced by Run keys in the Windows Registry.
When run, it copies itself to
Related article: China is leading zombie host
Related article: Malware overview: the full details