For a long time we’ve seen spammers, phishers and malware authors concealing their advertising pitches, scams and malicious payloads by pretending to be a message from a social network, whether it claims to originate from Facebook, Twitter or even MySpace.
Here’s one of the latest we caught today, claiming to come from Twitter.
Twitter-er!
You have 2 direct message from Twitter Administration
[LINK]The Twitter Administration
Image by bradlauster via Flickr
If you’re the sort of person who wakes up in the morning, and the first thing you long for is a McDonalds‘ breakfast – but if you are, you might just be exactly what malware authors are looking for.
Researchers at SophosLabs have seen a malicious email that has been spammed out across the world in the last couple of days pretending to come from McDonalds.
The email claims that the fast-food giant is offering free breakfasts in each and every of their many thousands of restaurants around the globe. Chances are that there are many people who would love the prospect of munching on a McDonalds first thing in the morning.
Image via Wikipedia
Original post on Sophos. Author – Graham Cluley
We’re having an uncharacteristically sunny June day here in Britain, making it feel all the more incongruous to see Christmas cards are being sent out via email.
But you should be careful, because these aren’t just badly timed emails wishing you season’s greetings – these emails have a malicious payload designed to infect your Windows computers.
Here’s a typical example of the type of message that has been intercepted by SophosLabs:
Subject: You have received a Christmas Greeting Card!
Message body:
You have just received a Christmas greeting card!
To see your custom card and who sent it, please click the attachmentAttached file: Christmas Card.zip
Although the email claims to come from 123greetings, a legitimate and well-known ecard website, the reality is that the bad guys have forged the headers in this email in an attempt to trick you into clicking on the attachment.
The danger is, of course, that you may be bemused by the notion of receiving a Christmas card in June and click on the attachment out of curiousity. That would be a big mistake, however, as it contains the Mal/CryptBox-A Trojan horse.
So you should have trusted your instincts. There’s always going to be something odd about a Christmas card arriving in June – and like any other unsolicited attachment it should be approached with caution.
Make sure that your anti-virus software and email protection is in place, and make sure you’ve had a good healthy helping of common sense next time you receive an out-of-season greeting.
