Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

CPJ’s Top Official gets Phishing E-mail from Sister Organization

During the end-week of August 2012, Joel Simon, Executive Director (ED) of CPJ abbreviation for 'Committee to Protect Journalists' got one e-mail, which seemed as being dispatched from the id of Rony Koven, co-worker and employee of 'World Press Freedom Committee,' the sister organization of CPJ, published ZDnet.com dated September 4, 2012.

It maybe noted that CPJ represents one NGO, which combats for safeguarding journalists working at relatively high risk as also shield free press breaches worldwide.

Reportedly, Rony Koven's name was wrongly spelled as Rony Kevin in the e-mail while the Yahoo account from where the message originated wasn't either of his.

With a header, "Fw: Journalists arrested in Gambia," the fake e-mail had boilerplate text content regarding recently jailed reporters. This was followed with a request to examine the attachments to get additional info. In reality, the criminals 'copy-pasted' the text available inside 'Article 19 alert,' state reports. The attachment contained a zipped file given the name, "Details" that was apparently password-protected having CPJ as the characters.

Luckily, CPJ's staff-members act very carefully with unknown attachments.

In the current case, the institution quarantined the e-mail, which it subsequently assessed within one secured computing environment.

During the assessment, CPJ staffers discovered that the zipped attachment had one replica of Article 19, a few photographs (precisely 3) showing Gambian journalists, as well as one malevolent Windows executable falsely depicted like a graphic file.

And whilst this executable was run, it clearly showed like malware that worked behind the scene while exchanged messages from the ED's PC onto another server, which, according to Morgan Marquis-Boire a security researcher from Citizen Lab, traced to Indonesia.

Analysts found that the malicious software would get loaded within a harmless place on the PC from where it'd run automatically. A standard function would release the malware file, while comments followed in the Chinese language.

Danny O'Brien, Internet Advocacy Coordinator at CPJ e-mailed the administrative address of the computer-server of Indonesia, but it didn't help in tracing the phishers. Neither did the executable file's Chinese language suggesting the toolkit that created the malware as having Chinese components, observed O'Brien.

Related article: CEFCU Customers Face phishing Scam Heat

» SPAMfighter News - 17-09-2012

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next