Spam Scam Exploits Northern Territory Library’s Success Story

Sophos is warning of a new spam mail that is being sent to users in the Northern Territory creating turmoil in Australia. Therefore, Australian people and organizations should be alert of the malicious spam, which poses to arrive from Bill and Melinda Gates Foundation.

According to Paul Ducklin, head of technology, Sophos APAC, the spam mail quotes news that is true, topical and current. The subject line in the e-mail reads "Life for Life" that describes the latest news about the Northern Territory Library winning the 2007 Access to Learning Award that the Bill and Melinda Gates Foundation has conferred on it.

But the link that claims to tell further about the award leads the user to a malware-infected Korean Website, said Ducklin. Although the e-mail appears to be from the actual domain, gatesfoundation.org, yet the news item connects to an entirely different site.

The spam is likely to victimize Australian readers, as the news is accurate and current. However, it is not yet confirmed if the attack aims Australians alone, while the threat performs an identity theft of a very specific kind, Ducklin said.

Sophos has detected the malware from the Korean site as Mal/ObfJS-H.obfJS, which means 'Obfuscated JavaScript'. This malware is second on the list of Sophos' latest monthly rankings of online threats.

The JavaScript-crafted page creates another Web page that Sophos has detected as Mal/JSShell-B. This page attempts to exploit an XML vulnerability in Windows to download a harmful Windows program concealed in the hijacked Korean server. Sophos has blocked this document called Mal/Basine-C.

SophosLabs blocks millions of spam mails to analyze them and spot approximately 30,000 new malware-laden Web pages, every single day, said Ducklin.

A number of these spam mails nearly fail to hide their characteristics, coming out with offers for pills, porn or other products of dubious nature. In the present case, however, spammers have exploited the Australian interest in the success of the Northern Territory Library.

So users are requested to be vigilant when they receive seemingly innocent and harmless news releases. Sophos advises businesses to deploy in-depth defenses through an all-comprehensive and compact solution.

Related article: Spam Scam Bags a Scottish Connection

» SPAMfighter News - 10-09-2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next