Scammers are infecting computers with a Trojan horse program disguised as software that determines whether PCs are compatible with Windows 7.
The attack was first spotted by BitDefender on Sunday and is not yet widespread; the antivirus vendor is receiving reports of about three installs per hour from its users in the U.S. But because the scam is novel, it could end up infecting a lot of people.
The scammers steal their marketing text directly from Microsoft, which offers a legitimate Windows 7 Upgrade Advisor in its Web site.
"Find out if your PC can run Windows 7," the e-mails read, echoing Microsoft's Web page. "This software scans your PC for potential issues with your hardware, devices, and installed programs, and recommends what to do before you upgrade."
Users who try to install the attached, zipped file end up with a back-door Trojan horse program on their computer. BitDefender identifies the program as Trojan.Generic.3783603, the same one that's being used in a fake Facebook password reset campaign.