Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    October 2014
    S M T W T F S
    « Sep    
     1234
    567891011
    12131415161718
    19202122232425
    262728293031  
  • About Us

    Bogus news is old news. Whereas most email spam use “original” subject lines and message bodies that are actually just made up, a new threat dares to be different. Detected by Trend Micro as TROJ_PROXY.AFV, it arrives as an attachment to spammed email messages that use real news headlines.

    It uses any of the following subject lines:

    • Law hits Las Vegas ‘fake’ bands
    • Man Awakens From 19-Year Coma
    • Re: U.S. violent crime up again, more murders, robberies

    It also uses any of the following message bodies:

    • Decade Of Mystery: John Ramsey Speaks
    • Man wakes from 19-year coma in
    • Poland US vows to pursue hunt for missing soldiers
    • Password for submitted attachment is xxx

    Except for one that is dated November 2006 (â??Decade of Mystery: John Ramsey Speaksâ??), these headlines are of news items published early this month. The stories are from credible news organizations such as the BBC, CBS, ABC, and Yahoo! News. This calls to mind a NUWAR variant that parses the “Most Popular” section of CNN’s legitimate news site and lifts the sensational headlines, which it uses as subject lines in spammed email messages.

    While this may suggest that spammers are getting lazy devising stories of their own, the observed technique in fact substantiates new and enhanced avenues for social engineering characterizing the evolving threat landscape. Using news headlines is bound to work not only because the stories are gripping by themselves but also because a veneer of credibility exists, making it harder for users to tell that the email messages carrying these headlines are actually malicious.

    Users are therefore advised to read their news straight from the news sites and not to trust secondary sources, which in this case the spammers are.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice