Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Independence day greeting cards contain virus.

Sophos : 04 July, 2007  (Technical Article)
Sophos warns of e-cards containing 4th of July greetings which link to a site containing Trojan downloader for delivering malicious code to the victim's computer.
IT security and control firm Sophos is warning of a widespread email spam campaign that poses as a 4th July greeting card, but is really an attempt to lure innocent computer users into being infected by a Trojan horse and attacked by hackers.

The emails, which are being seen in inboxes worldwide, claim that the recipient has been sent an ecard greeting by a friend and tells the user to click on a link to view the card.

Subject lines used in the malicious spam campaign include:

America the Beautiful
God Bless America
Happy Fourth of July
Independence Day Celebration
July 4th Fireworks Show
Your Nations Birthday

'Cybercriminals have no qualms about taking advantage of celebrations like 4th July to infect innocent people's computers, and potentially steal their identities. This isn't just an American problem - these kind of attacks strike around the world, and are designed to abuse PCs on a global scale,' said Graham Cluley, senior technology consultant at Sophos. 'People regularly send egreetings to friends and colleagues, so it is important that everyone is on their guard against these kind of attacks and ensures their computers are properly defended.'

Clicking on the link contained inside the email, which is in the form of a numeric IP address, takes surfers to a compromised zombie computer hosting the JSecard-A Trojan horse. This malware then tries to download additional code from the internet which Sophos intercepts as Mal/Dorf-C.

'Rather than being sent to a real ecard website when you click on the link, you are visiting someone else's compromised computer which is hosting malicious code designed to infect your Windows PC. It is these same computers, based all around the world, which are spewing out spam,' continued Cluley. 'A real ecard company is unlikely to send you emails which contain links that are a set of four numbers in the format xxx.xxx.xxx.xxx, so that should set alarm bells ringing instantly.'

Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at the email gateway to defend against malware, spyware, hackers and spam.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo