Spam Scam Announcing Fake Conficker Alert
Researchers at TRACElabs of Marshal8e6, an online security company, have detected an e-mail campaign that is spamming fake "Conficker Infection Alerts" and diverting users to bogus security software as they click on the given links.
The spam campaign, say the researchers, is representing various security departments of Microsoft so that it appears credible.
The e-mail states that since April 1, 2009, the Conficker virus has been rapidly infecting customers of Microsoft. However, to avoid the spreading of the infection, Microsoft advises users to run anti-spyware software, says the alleged sender of the e-mail.
Accordingly, the e-mail says, Microsoft is providing to all Windows users who might have been infected, a free system scan to clean all the files, infected by the virus. Subsequently, the e-mail requests the recipients to go to Windows Computer Safety Center through a given web-link.
But, on clicking the link, the ensuing page installs a malicious IFrame that diverts users to the website that serves a page for a so-called antivirus scan. Thereafter, while pretending to run the scan on users' PCs, the page announces that there are hundreds of viruses on the systems. Therefore, users must download the file setup.exe for cleaning the malware.
Eventually, the e-mail concludes with the promise that following the doing according to the recommended steps would help users keep their files safe from being compromised.
The security researchers state that through the new campaign, spammers are taking advantage of the ongoing Conficker hype. Such spam scams based on events, according to the researchers, are continuously developing, away from themes taken from prominent news portals towards choosing of the most current keywords and of compromising popular titles. This helps to reach the higher-ranking positions on search engines relating to a particular Internet video sharing utility.
Thus, security specialists have suggested that users should avoid clicking on links in e-mails and downloading files from sites saying that their computers are infected with virus.
Meanwhile, this attempt to exploit the Conficker hype follows another recent campaign that spread fake Conficker removal tool URLs in the 1st week of April 2009.
Related article: Spam Scam Bags a Scottish Connection
» SPAMfighter News - 17-04-2009