This sounds like a user has to go to a lot of effort to get infected. Wouldn't it just be easier to write a driveby or use one of the millions of wide open remotely exploitable vulnerabilities in Windows?
Hmmm... unless the ABMer zealots are lying about how bad the security is in Windows.
Nah. They wouldn't lie about such things, they have too much honour, right?
Hmmm...
Fake swine flu e-mails lead to computer virus
Summary
You can ignore that e-mail that looks like it comes from the U.S. Centers for Disease Control about creating a profile for an H1N1 vaccination program.
Topics
You can ignore that e-mail that looks like it comes from the U.S. Centers for Disease Control about creating a profile for an H1N1 vaccination program. It's a malware scam, according to security provider AppRiver.
The fake alert informs recipients that as part of a "State Vaccination H1N1 Program" they need to create a profile on the CDC Web site. The link in the e-mail goes to a fake CDC page where the visitor is assigned a temporary ID and a link to a vaccination profile that is actually an an executable file containing a copy of the Kryptik Trojan targeting Windows, according to an AppRiver blog post on Tuesday.
Once installed, "this Trojan will create a security-free gateway on your system and will proceed to download and install additional malware without your authorization," the post warns. "It also enables a remote hacker to take complete control of your computer. This malware can log your typed keystrokes and send confidential personal and financial data (including banking information, credit card numbers, and website passwords) to a remote hacker."
For more, read "Fake CDC vaccine e-mail leads to malware" at CNET News.
Talkback Most Recent of 5 Talkback(s)
-
NonZealot1st Dec 2009 -
I don't know what ABMers think but driveby exploits are harder...
because hackers must rely on browser vulnerabilities to be able to use them. Why would hackers rely on the browser when they have so many windows vulnerabilities at their disposal, most of them known only to hackers?
And I can't understand why you worry so much about ABMers, they are not that clever. If they were they wouldn't A lways B uy Microsoft, right?
The Mentalist1st Dec 2009 -
RE: Fake swine flu e-mails lead to computer virus
For those concerned about protecting themselves from malware, CA's Internet security team recommends not to follow the links sent to you via email. You can get to the same information by going directly to the organization's website, which prevents phishing attacks. CA also recommends using a multi-layered approach to securing your PC. Install an up-to-date Internet Security Suite from an established brand, as some legitimate-sounding freeware products can actually be malware in disguise. Ensure the Suite includes anti-virus, anti-spyware, anti-phishing, anti-spam and firewall. You can stay on top of the latest threats and scams by signing up for advisories from a credible source, such as the National Cyber Security Alliance or CA's Security Advisor (www.ca.com/securityadvisor).
tlkst212nd Dec 2009 -
RE: Fake swine flu e-mails lead to computer virus
This is why (like one of the commenters said) you don't click on links in an email. That is unless you really know exactly where the link is taking you. If you mouse over a link and the name of the site you think it's going to is prefaced with some obscure site, then it's obviously not what it appears to be. Also if you WERE to click on the link and you click on something that says it's a link to create a profile, but instead you get a prompt to download an executable file....DUH! don't do it. Simple as that.
SpiderTech2nd Dec 2009 -
Why do people click on those things
they are stupid people, and we cant help them
metafruit3rd Dec 2009
Talkback - Tell Us What You Think
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Facebook Activity
