The Case of the Fake Microsoft Services Agreement Email
As of September 1st, the Internet Storm Center (ISC) wrote that they’d received multiple reports of a phishing campaign using the template from a legitimate Microsoft email regarding Important Changes to Microsoft Services Agreement.
The phony email messages are a knock-off of actual emails that Microsoft recently sent out to users announcing changes made to Microsoft’s Services Agreement that are set to take effect later this month.
The only real difference between the emails (aside from the originating source) is that all of the hyperlinks within the email have been set to point to a malicious site housing the BlackHole exploit kit.
According to the VirusTotal report linked in the ICS report, only 6/42 antivirus programs can detect the ZeuS variant delivered upon a successful attack, which involves Java vulnerability CVE-2012-4861.
Bogus Amazon Order Emails Return for Java Exploits
Meanwhile, while ICS was receiving multiple reports of fake Microsoft emails, researchers over at Websense were being inundated with tens of thousands of fake Amazon order confirmation emails.
The emails, titled “Your Order with Amazon.com” were short, sweet, and to the point: tap the “click here” link and be on your merry way to a BlackHole exploit site also looking to exploit Java (along with Adobe Flash and Reader):
Subject: Your Order with Amazon.com
Dear Customer,
Please click here and verify your order is #[RANDOM NUMBER] with Amazon.com.
We hope to see you again soon!
Protect Your PC from Malware Spam Attacks
With all of the attention Java (and its never-ending supply of security flaws) has received as of late, it’s important that users exercise caution to avoid having their computers infected with malware. That basically means that you should:
- Look before you click: Hover your mouse over links to check the destination URL before following it.
- Disable / remove Java if you don’t need it.
- Review email headers if you doubt the authenticity of an email.
- Keep your OS and antivirus programs up to date.
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.
No comments:
Post a Comment