IT security and control firm Sophos is warning computer users to beware of a widespread malicious spam campaign, disguised as a breaking news story about a bomb blast in their city.
Samples intercepted by the company claim that 18 people have been killed in an explosion, and link to a video news story on a site claiming to be Reuters-related.
However, anyone clicking on the link will not find more information on this breaking news story, but will be directed to a Web site that is designed to infect their Windows PC with malicious code.
Sophos says many computer users may not immediately notice the danger, as the Web site attempts to identify users' whereabouts and customises the story to make it appear as though it relates to their location.
“There are the usual clues that the observant computer user will recognise as spam - poor spelling and grammar being the key one - but the danger is that other less wary users won't notice this and will become engrossed in the story without realising that their PC is being infected as they read,” says Brett Myroff, CEO of regional Sophos distributor, Sophos SA.
He says the e-mail subject lines include: "Why did it happen in your city?", "Take Care!" and "Are you and your friends in good health?"
The e-mail contains the following text: “At least 12 people have been killed and more than 40 wounded in a bomb blast near market in Amsterdam. Authorities suggested that the explosion was caused by a 'dirty' bomb. Police said the bomb was detonated from close by using electric cables. 'It was awful,' said the eyewitness about blast that he heard from his shop. 'It made the floor shake. So many people were running.'”
This is a clever piece of social engineering, showing the lengths cybercriminals will go to in order to trick more potential victims, concludes Myroff.
Related stories:
Scammers target parents
US invades Iran?
Hackers target Sarkozy
Share