Websense Discovers New Spam E-mail Campaign
Security experts at Websense Security Labs have discovered that spam emails are being increasingly distributed, particularly those targeting the soccer fans worldwide as the World Cup commenced on June 11, 2010.
The latest scam in this series includes a spam email that comes with a subject line "FIFA World Cup South Africa...bad news". The message is also very short: "FIFA World Cup scandal news, read attached document". The file attached with this email is an .html file.
According to security experts, the most worrisome part of the scam is that recipients of this email will certainly end up in downloading some malware that will try to compromise their system and divert them to a fake website of the Canadian Pharmacy.
In context of this malicious spam campaign, Websense security experts noted that analysis of the raw content of the HTML attachment revealed that it was just a concealed script. This script opens a fresh webpage in user's browser if it is allowed to run, which either redirects user to a spam page or an attack website, as per the news published by pc1news.com on June 14, 2010.
This email includes the features of past spam campaigns that used social media and were used to lure visitors to visit a website in order to compromise their computers. The security firm has already identified over 80,000 emails used in this current spam campaign.
Seeing the maliciousness associated with the current e-mail spam, security experts advised all users to stay cautious of any unknown attachments or links they find in the emails received by them. They also reminded users to avoid clicking the links unless they are fully sure about their authenticity. Thus, what experts actually wanted to say is that they should not let cybercriminals achieve their malicious goals.
Finally, it's not only Websense, but several other security firms are also detecting and reporting of World Cup related scams. Security analysts with WatchGuard saw a tremendous surge in online threats, such as spam, spear phishing attacks that include attacks directly targeted at small chunks of population through socially-engineered messages to lure victim into opening an executable or visiting a website that serves malware) and PDF assaults related to the World Cup.
Related article: Websense Discovered Malicious Social Networking Spam Campaign
» SPAMfighter News - 23-06-2010