
Re: machcobra post# 598

Tuesday, 08/22/2006 1:57:58 PM

Thanks Mach!

Fake Alerts Could Lead To Viruses

David Utter | Staff Writer
2006-08-22


Spammers have attempted to fool people into downloading malware by sending out messages claiming an upgrade to security software will be required.


Spammers Fooling People into Downloading Malware


These fake upgrade alerts lead to websites crafted to look similar to a legitimate security company's pages. When the victim downloads the purported update, the computer instead receives a vicious dose of malware.

Symantec blogger Amado Hidalgo posted on the company's Security Response Weblog that these phishing emails continue to plague end users. Many messages do get caught by spam filters but some do slip through.

One phish Hidalgo has seen involved a Portuguese-language email directing victims to a fake site branded to appear as a Symantec Brazil security check website. Instead of a helpful removal tool, people who fell for the come-on received something completely different:


Once downloaded, the executable even has an icon that looks like a part of the Symantec logo. However, this "tool" happens to be an information stealing Trojan horse that we currently detect as Trojan.Bakloma.

Symantec describes Trojan.Bakloma as an information-stealing piece of malware. Once installed on a system, it sends information about the compromised computer by email to an inbox that is likely checked by the Trojan's distributor.

Then the Trojan monitors Internet Explorer to see if the user navigates to certain financial sites. If so, it displays a fake input form, and sends that information off to another email address. That data would include a username and password for places like a bank website.

Experiences like these may cause bank customers to take the same course I did when opening a new account a few months ago. When the banker asked if I would like to provide an email address, I declined, the theory being that if the bank doesn't have that address, any messages I do receive that appear to come from the bank would be instantly obvious as fraud attempts.

The banker didn't believe me. But over the past few weeks, phishing emails allegedly from my bank have arrived at the address I would have provided. A week ago, the bank was in the local newspaper, warning against these phishing attempts. I hate to say I told you so, but unfortunately I've had such cynicism rewarded by being correct.