Spammers use phony package tracking to launch attacks
Monday, March 30, 2009
The latest spamming scam deployed by cybercriminals involves emails that claim to be from package carrier DHL.
The spam email claims that DHL attempted to deliver a package on March 14 and tells spam recipients to click a link for an invoice to retrieve the package. Once recipients click on the link, trojan malware is downloaded onto their PCs.
Email security experts said the attack is similar to one earlier in March that claimed to be from package carrier UPS.
The spam email carries the subject line "DHL Tracking number" and a randomly generated phony tracking number. The link contains a file that allows the cybercriminals to send phony security alerts in Internet Explorer telling users to purchase rogueware to protect their computers.
To protect against this type of spam attack, security experts said users should keep anti-virus software updated, have a secure firewall and update software with security patches.
Also, users should be cautious when receiving unsolicited emails. Organizations and SMBs can protect themselves from spam through email filtering as well as incorporating phishing protection into their network security.
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
