Fake "Conflicker.B" alert mails

malware_warningIn a spam wave that currently is active, fake alert emails clog the inboxes of Internet users. The mails pretend to stem from the Microsoft Support and make the recipient believe that the computer is infected with Conflicker.B (and/or Conficker.B, both name variants are in the mail). The attachment of the mail is allegedly a cleaning tool – but beware, it is malware in fact!

The mails have this text in their body:

Dear Microsoft Customer,

Starting 12/11/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly.Microsoft has been advised by your Internetprovider that your network is infected.

To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.

Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.

Regards,

Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division

The subject of the mails is “Conflicker.B Infection Alert”. Don’t open the malware attachment of this email and just delete the email altogether. Users of Avira solutions are protected: The attached file is detected generically as TR/Crypt.ZPACK.Gen – without an update.

Dirk Knop
Technical Editor

Dear Microsoft Customer,
>
>Starting 12/11/2009 the ‘Conficker’ worm began
>infecting Microsoft customers unusually rapidly.
>Microsoft has been advised by your Internet
>provider that your network is infected.
>
>To counteract further spread we advise removing
>the infection using an antispyware program. We
>are supplying all effected Windows Users with a
>free system scan in order to clean any files infected by the virus.
>
>Please install attached file to start the scan.
>The process takes under a minute and will
>prevent your files from being compromised. We
>appreciate your prompt cooperation.
>
>Regards,
>Microsoft Windows Agent #2 (Hollis)
>Microsoft Windows Computer Safety Division