Thursday, October 11, 2012

Malware Attack Hides Behind Fake CNN Alerts Stating Romney Has 60% Voter Support

Election 2012 ButtonWhenever cybercriminals create a malware spam campaign, they often write messages that they know will tap into the emotional side of the recipient.

By doing this, they can yield the best click-through rates for any embedded links pointing to malicious websites and highest number of possible downloads for file attachments laced with malware.

And what better way is there to evoke emotion than to discuss the 2012 U.S. Presidential Election?

Therefore, consider this your fair warning to be on the lookout for fraudulent emails purporting to be from well-known news media outlets featuring eye-catching electional headlines like the one below. It could be a trap to infect your PC with malware.

CNN Malware Spam Screenshot Credit: Sophos



Subject: CNN Breaking News – Mitt Romney Almost President
From: CNN Breaking News (BreakingNews@mail.cnn.com)

CNN
Top Stories
U.S. World Business Sports Health Technology Entertainment Features

TOP STORIES FROM CNN.COM
More than 60 percent of votes will be in favor of Mitt Romney.
Republican Party’s candidate is taking the lead in the race with the current President, the Democratic Party’s candidate, Barack Obama.
....

To no surprise, none of the links within the email go to CNN.com. Instead, they point to a third-party website housing the widely-used BlackHole exploit kit that will attempt to exploit system vulnerabilities in order to place malware on your machine.

According to Sophos, should BlackHole fail to find a vulnerability to take advantage of, it will resort to social engineering tactics by redirecting you to a page asking you to download a bogus Adobe Flash Player update.

Executing the fake Flash Player update will open your system up to even more trouble as it attempts to connect to various sites to download additional arbitrary files.

How Can I Protect My PC from Spam Malware Attacks?


Given that there was an up-tick in malicious spam activity around the 2008 election, we are offering the following tips to help you keep your computer safe during this year’s election:

  • Be sure to mouse-over email hyperlinks to check the true destination URL before clicking on them. This will help you determine if the email is legitimate or not, and will also help you figure out if you’re about to fall into a cyber-attack.

  • Never download a file attached to an unsolicited email. This is a popular method cybercriminals use to infect machines with malware. At the very least, make the effort of scanning the file before you download it.

  • Keep your operating system and installed software fully patched and up-to-date. This will close security holes & minimize the chances of a successful BlackHole exploit attack.

  • Always remain vigilant when checking your email and using the internet. Spammers often exploit the brands of reputable companies to launch malware attacks, so take the time to scrutinize every email to look out for possible red-flags.


Aside from that, we always make an effort to post about spam & malware attacks, so feel free to subscribe to our blog (see top right), follow us on Twitter (@hyphenet), like us on Facebook, or circle us on Google+ to informed about the latest computer security threats.

No comments:

Post a Comment