Phony hi5 Invitation Leads to Malware Installation

TrendLabs, an Internet security company, has cautioned users about a malevolent bulk e-mail campaign which purports to have come from hi5, a well-known social networking website.

The spam mail prompts the recipient to add the mail sender to his contact list similar to a normal invitation on any social network. But for that, the recipient needs to click on a given attachment called "Invitation Card.zip."

Unfortunately for the innocent user, the attached file doesn't carry any .htm file that may be apparent at first sight. Instead it contains an executable identified as WORM_PROLACO.AA which actually infects the victim's computer.

According to the security researchers, cyber criminals are also scamming users of Google and Twitter. While users of Twitter are being duped via the same "invitation" trick, users of Google are scammed slightly differently.

In Google's case, the spam mail expresses gratitude to the recipient for sending his CV to the company for a vacant position. The user may examine his application by clicking on the attachment, the e-mail states.

Thus, the security researchers suggest that surfers should remain vigilant while communicating with anyone on hi5 or Twitter. They should avoid downloading and installing any software recommended in the cases as it could be malware. Moreover, users do their activities via the websites they surf; therefore they should not try to click on the attachments when future campaigns of the same type occur.

It is not new to see an invitation scam running on the Internet. During July 2009, scammers employed the same tactic against Twitter users. In that case, the spam mail used the subject line "Your friend invited you to Twitter!" supposedly from the address invitation@twitter.com. It also carried an attachment named 'Invitation Card.zip,' which infected the computer with a malicious program in case the user opened the attachment.

Commenting on the latest 'invitation' scam, security researchers at TrendLabs state that the type of social-engineering utilized in this case is perhaps spammers' oldest tactic. It is for this reason users are suggested that they should exercise caution against e-mails sent from strangers. Besides, they should scrutinize all file attachments with a scan engine prior to downloading them.

Related article: PM’s Official Web Site Targeted By Hackers

» SPAMfighter News - 2/24/2010