Don't get infected on Valentine's Day
Print storyNew versions of old scams debut today
Posted in Software & Security, 14th February 2007 11:27 GMT
Free whitepaper – The future of SaaS and IT infrastructure management
There's Valentine's Day worms and phishing spam doing the rounds, and they're going to give you an infection you'd rather not have.
One phishing email - a new variant on an old trick - is spoofed to look like it comes from services@americangreetings.com, a well known e-card company. Click on the link, which claims you've been sent a Valentine's card, and a faked-up copy of that site's homepage tells you that "You don't have the latest version of Macromedia Flash Player".
Once loaded, only the sharp-eyed will spot that the URL is actually americanSgreetings.com, and even if you don't click the link the page tries to download what looks like a Flash installer - but is actually far too small to be the real thing.
Yup, it's a Trojan.
If you go back to the same fake page later (whether you accepted the download or killed it), it now leads to a real e-card on the real American Greetings site, so you might think the "Flash install" had fixed the problem. Nasty.
It's not the only topical risk around today either. Anti-virus companies, including Sophos and Symantec, are reporting a big surge in infected email with Valentine's taglines. The messages have a file attachment which of course carries a Trojan or worm, but should be blocked as long as your AV is up to date. ®
Essential archive requirements for eDiscovery
Image spam: the threat returns
Jump start your Application Security initiatives
The shortcut guide to managing certificate lifecycles
Sign up, sign up for The Register IT security newsletter
Former top Sun exec mourns end of a franchise
Win an HTC Touch Diamond2!
Disties braced for autumn reseller collapses