Picture the scene: You wake up in the morning and make your way on autopilot to work at your job in Tehran, then switch on your work PC to check your email. One in particular stands out as being a bit different from the others. You read it once, and then just to be sure read it a second time, then run to look out the window. Seeing no tanks in the streets and a significant lack of mushroom clouds, you return to your desk and take another look…
Anxious to find out what’s going on, you download the video and run it to find out more information.
Now, longtime readers of this blog (well, most people to be honest) should look at that email and be immediately skeptical. They might even go check out a legitimate new sites like CNN or BBC. However, enough people will open your email inboxes this morning, download the video (hint: it’s not really a video, it’s just another Storm/Nuwar/Zhelatin/Peacomm variant detected by Trend Micro as TROJ_NUWAR.AB) and proceed to help the Storm gang’s authors make even more money. The Storm network may have decreased since its heyday — but its size still makes the approximately 20,000 soldiers seem small in comparison.
It’s a sad world we live in where we have to educate people to be careful of what they get in their email, to be suspicious of every site they visit, and to be constantly on the lookout for scams.
Needless to say, Trend Micro customers are protected from this threat, both with our latest pattern file, and in the cloud with our Smart Protection Network. For everyone else, think before you click.
Additional information — here are samples of spam pertaining to this attack: