Html Files Divert E-Mail Operators Onto Malevolent Sites
Internet Security Company BKIS has recently spotted an enormously big spam campaign that's spreading virus through file attachments in the .html format. The unsolicited junk e-mails pretend to be notices that Facebook, Twitter, Microsoft, Skype etc., sent.
Notes the security company, the total volume of e-mails which attempt at duping users into pulling down harmful files has increased of late.
The attackers use varieties of e-mails to target users online. One of these informs the recipient that there has been a change in his Facebook or Twitter password. Yet another tells that he must examine his purchase details conducted via Skype, while a third one states that there are messages waiting to be read. Many others too are circulating.
Further, the subject lines displayed too vary depending on the theme of the e-mails. These include "Reset your Facebook password," "FIFA World Cup South Africa...bad news, "Online Setup Notification" etc.
In addition, the attachments embedded are open.html, news.html, index.html, facebook_newpass.html, ecard.html...etc.
These varied e-mails, however, have one common aspect i.e. they carry an .html file that's differently named according to the e-mail, although persistently carry a script.
If users open the attachments, they'll be diverted onto malware-laden websites that exploit vulnerabilities in IE, Adobe and Java for downloading viruses. Actually whenever an .html attachment is opened, it's like accepting hackers' call for visiting malevolent sites.
Says Senior Security Researcher Le Minh Hung, there are two reasons why attackers will shift towards malevolent files of these types. First, many people have already learnt that .zip and .exe type attachments are possibly evil and so the associated e-mails must be deleted. Conversely, .html files have been able to appear unsuspicious, Hung explains. Help Net Security published this on June 18, 2010.
Another reason cited is that these .html file attachments do not carry any attack code that enables the malicious files to easily evade anti-virus software.
Therefore, security researchers advise end-users that they should be more wary about file attachments embedded inside unfamiliar e-mails; install AV solutions for the protection of their PCs from viruses, and update all of their security software on a regular basis.
Related article: Hotmail Account Holders Vulnerable to Latest E-mail Scam
» SPAMfighter News - 28-06-2010