Christmas malware emails on the prowl
Monday, December 1, 2008
Emails containing a link for an animated holiday card are an early present from malware attackers.
The attack comes from a seemingly innocent picture of an animated Christmas scene from postcards.org that will link people to the malicious file postcard.exe hosted on various servers, ComputerWeekly.com reports.
If a user clicks on the link, it gives the hacker control of the infected computer through a back door and access to various resources. During the installation process of the executable file, an image called xmas.jpeg is displayed in an effort to distract users, according to Websense Labs.
Websense claims this is the first piece of holiday malware and urges people to never click on a link within an email. The security advisor also warns of enticing shopping offers, festive attachments and holiday videos.
While the holiday season usually sees high activity in email fraud, a recent report from Dark Reading suggests there will be a sharp rise in the number of phishing attacks this year.
According to Google, approximately 77 percent of people plan to do more than half of their holiday shopping online.
Related News:
Green Dam web filter still vulnerable to exploits - 6.26.2009
Green Dam Youth Escort, the web filtering software China is requiring PC-makers to preinstall on all new machines sold in the country starting July 1, is still vulnerable to exploits that web security experts warn could lead to the creation of a botnet for spreading malware.
Mac Trojan attack hits gaming sites - 6.22.2009
Security researchers at Trend Micro reported last week that two new variants of a Trojan malware, called RSPlug, have been infecting Macs. Another variant of the Trojan has been spotted at websites for downloading video games, according to the Mac Security Blog.
'Nine-Ball' mass compromise infects 40,000 sites - 6.18.2009
Cybercriminals compromised roughly 40,000 legitimate websites in a multi-level redirection attack that takes unsuspecting users to a website called Nine-Ball. Visitors to that site have their PCs infected with malware, web security researchers said.
Apple fixes Java security flaw for Mac OS X - 6.17.2009
Apple patched 32 vulnerabilities in multiple versions of Java used in Mac OS X 10.5 and Mac OS X 10.4, more than six months after Sun Microsystems fixed the same flaws for Windows and Linux platforms.
China appears to pull back on Green Dam web filter - 6.16.2009
Chinese authorities may be pulling back on compulsory use of a web filtering software, called Green Dam Youth Escort in English, that web security researchers say can be used to block access to not just pornographic but also political content.
|
