Trojan in pseudo Delta email
Monday, March 2, 2009
A spoof email is currently being sent to users claiming to be from Delta Airlines and informing the recipient their credit card has been charged for a flight, according to an advisory from the company.
Users are told to confirm their ticket purchase in the email and asked to download the attached zip file, which is a Trojan, SCMagazineus.com reports. The file, named W32/Trojan2.FXRO, is similar to Zbot, a banking Trojan that has the potential to steal sensitive and personal information from infected machines.
The emails have reportedly been sent within the past two days and it is unknown how many people have been affected by the email attack.
The cybercriminals involved concealed their tracks through a technique called email address spoofing, which allows the attacker to enter in a different "From" address in the fake email, according to the article.
Recently, similar email attacks have hit other airlines, including Northwest and United Airlines. Given the current state of the economy, cybercriminals may be using the public's fear of identity theft to convince them to download the malicious file in the email message.
This may also be another reminded for organizations and SMBs to update their email security.
Related News:
Password security a tall order for many web users - 1.22.2010
A recently released study from tech researcher Imperva showed that the most popular password among users whose accounts were compromised in the recent RockYou data breach was as follows: 123456.
Facebook fixes "wrong friends list" mobile network security glitch - 1.22.2010
CNET reports that social media network Facebook has repaired a problem in the mobile version of its service that caused some mobile users to have full access to the friends lists of unassociated users.
Automated phishing scam hits bank customers - 1.14.2010
Phishing attacks do not target victims exclusively via email, experts say, pointing to a recent rash of automated phone calls that attempted to convince victims to give up sensitive banking information.
Scammers ride aftershocks of Haiti catastrophe - 1.14.2010
The Federal Bureau of Investigation has issued a warning to those who want to contribute to earthquake relief efforts in Haiti, saying that cyber criminals and other types of scam artists are trying to take advantage of an outpouring of humanitarian support.
Banking Trojans finding new vector with fake Outlook alerts - 1.11.2010
A spurious alert purporting to come from Microsoft Outlook has cropped up in recent weeks, according to a maker of email filtering software.
|
