Commonwealth Office of Technology

• Security Home
  • Security Main Page
• Alerts
  • Security Alerts
• Policies
  • Security Policies
• Anti-Virus Info
  • Anti-Virus Info
• Newsletters & Info
  • Cyber Security
  • Cyber Security Awareness
  • Security FAQ
  • Video: Public Folders
• Additional Resources
  • Security Forms
  • Security Links
  • COT Responsibilities

COT Security Alert - Fraudulent Microsoft E-mail

From: Ritchey, Gail (COT)
Sent: Friday, March 30, 2007 9:39 AM

To: COT Constitutional CIO Security Contacts; COT Cabinet CIO Security Contacts; COT Commonwealth Technology Council

Cc: COT Exchange Administrators; COT Security Alert Contacts; COT Security Contact COT-Support; COT Security Contact Pass; COT Security Contact Self-Support; COT Technical Contacts; SecurityContacts GroupSubject: COT Security Alert: Fraudulent Microsoft Email

Subject: COT Security Alert: Fraudulent Microsoft Email

COT Security Alert

---

Spam emails have circulated widely within state government which use social engineering to entice recipients to click a link containing malicious code. The email subject is "Internet Explorer 7 Downloads". The emails claim to come from Microsoft, but in reality the email is spoofed or faked and does not come from Microsoft. The only content in the email is an embedded picture of Internet Explorer 7. If clicked, the embedded picture will download an IE7.exe file to the user’s machine. If executed, this file will infect the machine. Please notify your network administrator and the COT Service desk immediately if you have executed this file.

While COT is working to block these emails from state inboxes, even subtle changes in the email may allow them to pass through the filters with each change until they are blocked again.

To reduce the possibility of being affected by this malware, users are advised, as always, not to open unfamiliar or unexpected email attachments or links.

NOTICE: COT is providing this information so that you are aware of the latest security threats, vulnerabilities, software patches, etc. You should consult with your network administrator or other technical resources to ensure that the appropriate actions for these alerts are followed. If you are a network administrator and need additional information, please call the Help Desk at 502.564.7576.

Security Administration Branch
Division of Technical Services
Commonwealth Office of Technology
1266 Louisville Rd., Perimeter Park
Frankfort, KY 40601
Phone: 502.564.5274
COTSecurityServicesISS@ky.gov
http://technology.ky.gov/security/