“Experts at SophosLabs, Sophos’s global network of virus and spam analysis centers, have warned users to be on their guard against an attempt by hackers to break into their computers under the guise of a Microsoft security update.
Sophos’s spam labs have intercepted an email campaign intended to direct innocent computer users to a bogus website, posing as Microsoft’s official website for critical security patches. However, if users follow the links in the email and try and download updates from the website they are infected by the Troj/DSNX-05 Trojan horse, which allows hackers to take remote control of the infected PC.
Emails sent by the hackers claim to come from ‘Windows Update’ and include subject lines such as ‘Update your windows machine’, ‘Urgent Windows Update’, and ‘Important Windows Update’.”
More at http://www.techtree.com/techtree/jsp/showstory.jsp?storyid=66919