Don't get infected on Valentine's Day
PrintNew versions of old scams debut today
Posted in Software & Security, 14th February 2007 11:27 GMT
Free whitepaper – What Exchange can't do - and Dell can
There's Valentine's Day worms and phishing spam doing the rounds, and they're going to give you an infection you'd rather not have.
One phishing email - a new variant on an old trick - is spoofed to look like it comes from services@americangreetings.com, a well known e-card company. Click on the link, which claims you've been sent a Valentine's card, and a faked-up copy of that site's homepage tells you that "You don't have the latest version of Macromedia Flash Player".
Once loaded, only the sharp-eyed will spot that the URL is actually americanSgreetings.com, and even if you don't click the link the page tries to download what looks like a Flash installer - but is actually far too small to be the real thing.
Yup, it's a Trojan.
If you go back to the same fake page later (whether you accepted the download or killed it), it now leads to a real e-card on the real American Greetings site, so you might think the "Flash install" had fixed the problem. Nasty.
It's not the only topical risk around today either. Anti-virus companies, including Sophos and Symantec, are reporting a big surge in infected email with Valentine's taglines. The messages have a file attachment which of course carries a Trojan or worm, but should be blocked as long as your AV is up to date. ®
Analyst Keynote: The Register Agile Data Center Summit
Managing desktop software for fun and profit
Enhancing retail operations with unified communications
New storage architectures make SSDs more cost-effective
Sign up, sign up for The Register IT security newsletter
Microsoft's Windows 7 price gamble - and why it's flawed
Managing Desktop Software for fun and profit
Intel's flash new SSDs hit by bugs