Hi, I got this warning forwarded to me by OH from his local government IT services yesterday as well:
Although NSDC is protected from this virus there may be many members of staff with internet access at home who may be fooled into opening the infected e-mail because the e-mail appears to come from "Support@microsoft.com".
Virus disguised as genuine e-mail from microsoft:
Sophos, a global leader in anti-virus protection for businesses, has warned that a new email-aware worm is spreading, disguised as an email appearing to come from Microsoft's technical support department.
The worm, known as W32/Palyh-A, pretends to come from
support@microsoft.com and contains the message text "All information is in the attached file".
T
he attached file is a Windows program with a "PIF" extension. If users open the attachment then they will infect themselves immediately. W32/Palyh-A copies itself to the Windows folder, scoops up email addresses it finds on the user's hard disk, and then starts sending itself out by email.
"Many users who are wary of EXE and VBS files which arrive in their email may not realise that PIF files are equally capable of being malicious," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "Microsoft technical support does not send out files in this way, and users should think twice before they click."