Posts Tagged ‘ZIP (file format)’

How a free breakfast day at McDonalds can lead to malware danger

Published by pratyushkp on June 22nd, 2011 - in Social, Technology

Image by bradlauster via Flickr

If you’re the sort of person who wakes up in the morning, and the first thing you long for is a McDonalds‘ breakfast – but if you are, you might just be exactly what malware authors are looking for.

Researchers at SophosLabs have seen a malicious email that has been spammed out across the world in the last couple of days pretending to come from McDonalds.

The email claims that the fast-food giant is offering free breakfasts in each and every of their many thousands of restaurants around the globe. Chances are that there are many people who would love the prospect of munching on a McDonalds first thing in the morning.

FBI says you’ve been visiting illegal websites? It’s a malware attack

Published by pratyushkp on May 6th, 2011 - in Social, Technology
The Seal of the United States Federal Bureau o...

Image via Wikipedia

Cybercriminals have spammed out a malicious attack, posing as a notification from the FBI that you have been visiting illegal websites.

Illegal websites email claiming to come from the FBI

A typical message reads as follows:

Subject: You visit illegal websites
Attached file: Document.zip

Message body:
Sir/Madam, we have logged your IP-address on more than 40 illegal Websites. Important: Please answer our questions! The list of questions are attached.

If you make the mistake of running the program in the attached ZIP file, you’ll find that your computer is hit with a fake anti-virus attack – designed to scare you into handing over your credit card details.

Sophos products intercept the email messages as spam, and also detect the attachment as Mal/Bredo-K and Troj/BredoZp-DM.

Of course, if you have your wits about you you would realise that the email looks very suspicious in the first place. But there’s always the danger that some folks will be so worried that the FBI believes they might have been visiting naughty websites, that they’ll click on unsolicited email attachments without thinking.

Source :- http://nakedsecurity.sophos.com

  • FBI says you’ve been visiting illegal websites? It’s a malware attack (nakedsecurity.sophos.com)
  • ‘You visit illegal websites’ FBI-themed emails lead to scareware (zdnet.com)
  • Spam from your Facebook account? Malware attack poses as official warning (pratyushkp.wordpress.com)
  • FBI, CIPAV spyware, and the anti-virus companies ” Kevin Townsend (kevtownsend.wordpress.com)
  • My naked picture is attached – malware spammed out (nakedsecurity.sophos.com)
  • Spam from your Facebook account? Malware attack poses as official warning (nakedsecurity.sophos.com)
  • FedEx notification malware attack spammed out (nakedsecurity.sophos.com)
  • DSC0173519.zip – spammed out malware attack poses as photo attachment (nakedsecurity.sophos.com)
  • FBI Warning about Internet Searches on OBL (fellowshipofminds.wordpress.com)
  • FBI Issues Usama Bin Laden Death Email Scam Warning (jcijcp.wordpress.com)

Spam from your Facebook account? Malware attack poses as official warning

Published by pratyushkp on April 27th, 2011 - in Social, Technology

Cybercriminals are adopting a new disguise, following last week’s “Facebook password changed” malware attack.

Computer users are discovering malicious code has been sent to their email inboxes, pretending to be a notification from Facebook that their social networking account has been used to send out spam.

Spam is sent from your FaceBook account

A typical message reads:

Dear client

Spam is sent from your FaceBook account.

Your password has been changed for safety.

Information regarding your account and a new password is attached to the letter.
Read this information thoroughly and change the password to complicated one.

Please do not reply to this email, it's automatic mail notification!

Thank you.
FaceBook Service.

The attack would, perhaps, be a little more successful at fooling more people if it had gone through a grammar check and if the perpetrators had paid more attention to the fact that it’s spelt “Facebook” not “FaceBook”.

Nevertheless, there are doubtless some computer users who might be tempted to open the attached ZIP file and infect their computers with malware.

We’ve seen similar attacks before, of course – and I imagine that cybercriminals will continue to use ruses like this when spreading their malware. Plenty of people are hooked on Facebook, and a message telling them that their password has been reset is likely to send them into palpitations and they may open the unsolicited attachment without thinking.

After all, it’s not as though spam being sent from Facebook accounts is unusual.

If only more people realised that they cannot trust the “from:” address in an email, as it is so easily forged. In this case it presents itself as being from "Facebook Help" , but in reality it could just as easily be a Hungarian hacker, a Finnish fraudster or a Serbian scammer who initiated the widespread spam attack.

Sophos products intercept the attack as Mal/BredoZp-B.

If you are one of those many people who can’t get enough of Facebook in their lives, can stay informed about the latest scams by joining the Sophos Facebook page, where more than 70,000 people regularly share information on threats and discuss the latest security news.

Source :- http://nakedsecurity.sophos.com/2011/04/19/spam-from-your-facebook-account/

  • Spam from your Facebook account? Malware attack poses as official warning (nakedsecurity.sophos.com)
  • Facebook password changed? Malware attack poses as message from Facebook support (nakedsecurity.sophos.com)
  • DSC0173519.zip – spammed out malware attack poses as photo attachment (nakedsecurity.sophos.com)
  • My naked picture is attached – malware spammed out (nakedsecurity.sophos.com)
  • Beware of Facebook Email Malware Scams! (lockergnome.com)
  • ALERT: New Facebook Email Malware Spreading (allfacebook.com)
  • Malware Watch: ‘Spam is sent from your FaceBook account’; Spamvertised malicious photos (zdnet.com)
  • FedEx notification malware attack spammed out (nakedsecurity.sophos.com)
  • Spammers target Facebook (knoxnews.com)
  • Spammers target Facebook (physorg.com)
Tags: E-mail spam, , Grammar checker, , , , ,
© Social Media Blog