Malware authors are sending out booby-trapped emails disguised as electronic ticket receipts. Trojan horse malware buried in messages ostensibly from United Airlines circulating this week follow a similar attack featuring emails purporting to come from Northwest Airlines last week. In both cases the messages come form spoofed …
And This is News, How?
I've been getting these for several months, along with a number of other ruses.
I know that I have forwarded a number of examples of interesting and new scams to you guys from time to time, and I'm sure I'm not alone. I just figured that you never mentioned them because they were so common that they weren't news.
It really shouldn't be anything surprising.
My favourite one of these
was the UPS parcel I was supposed to have posted on the 25/12/08. All I had to do was open the word document...
A fool and his money
I first got those AGES ago. Why is anyone silly enough to open them?
I got one claiming to be a survey from a bank that just happened to be the same one as I use. As my bank have sent me surveys by email before I was happy to fill it out until I got to the last page which asked for my login details "so that I could enter a competition to win £50". Realising something was amiss I gave said bank a call who confirmed it was a phishing email.
Because idiocy and ignorance knows no bounds.
What does the malware do?
So once you've got this malware on your computer what can you expect to see it do? Is it a spam-bot or does it delete files? What does the malware do?
Whenever I disinfect a client's computer of viruses et. al. they invariably ask me why people create viruses. I know that some people are getting rich but when people ask me about the details of the schemes to make money I have to plead ignorance. How exactly do people make money sending email asking if you would like to have some part of your body enlarged? How do the unscrupulous retailers get in touch with the spam-bot operators? How is it possible that the FBI fails to clamp down on these schemes if the bad guys have to use credit card service bureaus to get paid? It would seem to be trivial to track these things to their point of origin.
My clients want to know. Please someone write an article explaining this stuff.
BTW I'm Tux-Safe insofar as few viruses are written for Linux.
@ Luke 16:48
Use the Force Luke, use the Force...
And why aren't all these IT bods using decent spam filtering?
You would have to
- Not have a virus checker running in your email chain or PC
- Not have a mail rule that bans ZIP files with EXEs (ok, these are annoying)
- Ignore all the warnings that any recent system shows about running an EXE.
I fly quite a lot, apparently
Alaskan Airlines, United, you name it, I've bought a ticket on it.
Windows needs to introduce the "double-double click". If you are in anyway a beginner on a PC, the standard double-click in the email client should be disabled.
Instead, when you double-click an attachment you should get an intermediate message:
"Do you really want to open this? Do you know who it's from? Do you know what it is? Do you think your penis is really that small?...." double-click again to continue...