Tuesday, April 12, is the next scheduled round of Microsoft patches. The spoofed e-mail -- which claims to be from Microsoft's update center -- plays off that, and may fool otherwise cautious users. A link in the message takes readers to a bogus site that "appears very similar to the real Windows update site," said San Diego-based Websense in its posted alert.
When users click the Express Install or Custom Install buttons on the fake site, a Trojan horse downloads and installs, providing a back door that hackers can later use to take control of the PC.
The Australia-based site, said Websense, was up as of Friday.
"This criminal campaign exploits the public's rising paranoia about the security of their Windows computers," noted Graham Cluley, a senior technology consultant for Sophos, in a statement.
"Microsoft does not issue security warnings in this way, so users should be on their guard whenever they receive an e-mail like this," Cluley added.