Criminals Exploit PowerPoint Flaws to Send Air France Flight 447 Spam
According to a news published in ukmedix on June 16, 2009, spammers are continuously searching for new and more sophisticated techniques to evade anti-spam filters and to get people open malicious e-mails sent by them.
Spammers have used a new method to distribute spam related with the crash of Air France AF447 in Atlantic after the SEO poisoning.
To arouse curiosity among people interested to know more about the tragedy and persuade them to open the e-mails, spammers have used catchy subject lines like 'Black box found' and many other exciting ones. When a user opens the e-mail, spammers get the signal that the e-mail account is active and subsequently, they flood the inbox with more malicious spam e-mails.
Describing the latest spam campaign exploiting the Air crash news, Trend Micro has said that its discovered spam attached with PowerPoint presentation. The spam seemed to be crafted to exploit vulnerability in Microsoft PowerPoint.
Besides, spammers have attached images of China-made Jumbo jets and the Air France Flight 447 to PowerPoint Presentation to persuade users to open the specifically crafted malicious file.
Trend Micro has dubbed the specifically crafted .PPT file as TROJ_APPTOM.C, which exploits flaws in Microsoft PowerPoint that enables remote code execution. After the successful completion of execution process, another malicious code called TROJ_INJECT.AIO downloads on the system and opens an Internet Explorer window secretly. It also connects to a specific URL from where more malevolent files enter the system.
Meanwhile, there are reports of photographs that show the cabin of the Air France Flight 447 but security experts have confirmed them as hoax. Usually, curious users promptly open the photographs but they are actually fake.
Hence, spam e-mails do not cause harm to computers but they are an organized efforts of cyber criminals to grab user's credit card details or make them buy illegally medication prepared in the third world at very low prices, said Trend Micro and McAfee. Thus, netizens should be extra cautious if they receive any PowerPoint file from friends. It is advisable to delete the file immediately.
Related article: Criminals Hack With More Evil Tactics
» SPAMfighter News - 6/25/2009
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!