Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Independence day greeting cards contain virus.

Sophos : 04 July, 2007  (Technical Article)
Sophos warns of e-cards containing 4th of July greetings which link to a site containing Trojan downloader for delivering malicious code to the victim's computer.
IT security and control firm Sophos is warning of a widespread email spam campaign that poses as a 4th July greeting card, but is really an attempt to lure innocent computer users into being infected by a Trojan horse and attacked by hackers.

The emails, which are being seen in inboxes worldwide, claim that the recipient has been sent an ecard greeting by a friend and tells the user to click on a link to view the card.

Subject lines used in the malicious spam campaign include:

America the Beautiful
God Bless America
Happy Fourth of July
Independence Day Celebration
July 4th Fireworks Show
Your Nations Birthday

'Cybercriminals have no qualms about taking advantage of celebrations like 4th July to infect innocent people's computers, and potentially steal their identities. This isn't just an American problem - these kind of attacks strike around the world, and are designed to abuse PCs on a global scale,' said Graham Cluley, senior technology consultant at Sophos. 'People regularly send egreetings to friends and colleagues, so it is important that everyone is on their guard against these kind of attacks and ensures their computers are properly defended.'

Clicking on the link contained inside the email, which is in the form of a numeric IP address, takes surfers to a compromised zombie computer hosting the JSecard-A Trojan horse. This malware then tries to download additional code from the internet which Sophos intercepts as Mal/Dorf-C.

'Rather than being sent to a real ecard website when you click on the link, you are visiting someone else's compromised computer which is hosting malicious code designed to infect your Windows PC. It is these same computers, based all around the world, which are spewing out spam,' continued Cluley. 'A real ecard company is unlikely to send you emails which contain links that are a set of four numbers in the format, so that should set alarm bells ringing instantly.'

Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at the email gateway to defend against malware, spyware, hackers and spam.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo