Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Old school pal scam contains virus

Sophos : 05 October, 2007  (Technical Article)
The latest malware to plague the networks poses as an e-mail from an old classmate but the promise of a relationship leads to PC infection.

IT security and control firm Sophos is warning of a new attempt to infect PCs with malware by someone posing as a long lost school friend. According to Sophos, internet hackers - taking advantage of the current popularity of social-networking and online friendships amongst adults - are using the lure of a possible internet romance in an attempt to trick the unwary into downloading a password-stealing Trojan horse.

SophosLabs' blog reports that the emails, which have been spammed out across the internet, purport to be from a young blonde woman with pigtails called Ann Berns who claims that she went to high school with the recipient. The author refers to fond memories of after-school walks and classroom conversations in an attempt to encourage the recipient into investigating further and clicking on a URL to her personal homepage. Sophos experts note however that the link actually leads to a Trojan horse designed to break into online accounts and commit identity theft.

An extract from the email reads as follows:

'Hi! I'm not sure if you remember me..
I'm Ann Berns, I guess we went to high school together.
It was quite a while ago but I still remember our friendship.
Do you remember that walk after classes? It was really cool!
I still think about you sometimes, all that fun, all whispering chats during classes. Do you want to see what I look like now? Visit my home page then, it's at...'

'The lonely, the randy or the just plain curious might be tempted to click on the link - but if they do they risk falling straight into a trap set by hackers,' said Graham Cluley, senior technology consultant for Sophos. 'It's a pretty sad state of affairs that cybercriminals need little more than a picture of a blonde woman with pigtails to steal passwords from unwary internet users. Everyone needs to learn to take more care over unsolicited emails, and ensure that they are properly defended when they open their email inbox or surf the web.'

Unlike many other anti-virus vendors, Sophos did not have to issue an update to protect its users against the malware as Sophos's Behavioural Genotype Protection technology was already able to proactively identify it as Mal/Behav-121. Users of other vendors' products are recommended to update their protection and ensure that they are defended from the threat.

Earlier this week, Sophos reported that emails claiming to contain naked pictures of Angelina Jolie and Halle Berry had helped hackers break into PCs.

'People need to think with their heads, not with their loins,' continued Cluley. 'The use of attractive young women by hackers to infect the lovelorn is far from a new trick - but it's one that seems to work time and time again.'

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo