A new spam run is attempting to infect users with a phony copy of Internet Explorer 7 (IE7). The spam messages are simply titled ‘Internet Explorer 7’ and claim to be from Microsoft Feature Offers, a service supposedly from Microsoft. The spam message contains no explanation other than a link reading “download the latest version!” and an “about this mailing” paragraph describing the so-called Microsoft service.
Upon clicking the download link, the user is directed to a fake browser page, which attempts to download a 136KB file known simply as ‘update.exe’. The executable file in turn infects the user’s machine and downloads malware. The same Microsoft Feature Offers spam tactic was used last month in an attack that sought to install malware disguised as nude photos of actress Angelina Jolie.