|
Players report electronic postcard scams increasing
Ever had one of those unexpected "you have a greeting card waiting" emails from unknown persons? You're in good company, as hundreds of players report the same scammer experience, which has now become the subject of an official warning from IT security firm Sophos.
Sophos is warning computer users to be wary of unsolicited emails and defend their web gateways, following the discovery of a spam campaign that poses as an electronic postcard, but is really an attempt to lure the unwary into being infected by a web-based Trojan horse.
Sophos has intercepted hundreds of the spam messages being sent, which contain the subject line 'You have received a postcard !'. Part of the body text reads as follows:
"Hello friend ! You have just received a postcard from someone who cares about you! If you'd like to see the rest of the message click here to receive your animated postcard!"
Users who follow the web link are taken to a downloadable executable file (postcard.exe). The file is designed to allow remote hackers to gain access to the infected Windows computer.
"Despite the text's ambiguity and poor spelling, the lack of an attached file means some recipients may believe the email to be harmless. In fact, this is how more and more malicious attacks operate today - using a mixture of email and the web to deliver a dangerous payload to the desktop," said Graham Cluley, senior technology consultant for Sophos.
Last week, Sophos published research revealing the rise of web-based malware in the first three months of 2007. With computer users becoming increasingly aware of how to protect against email-aware viruses and malware, hackers have turned to the web as their preferred avenue of attack. |
|