Original URL: http://www.channelregister.co.uk/2007/02/14/valentines_phishing/
Don't get infected on Valentine's Day
New versions of old scams debut today
Posted in Software & Security, 14th February 2007 11:27 GMT
Free whitepaper – Straight Talk with Dell: Sending out an SaaS
There's Valentine's Day worms and phishing spam doing the rounds, and they're going to give you an infection you'd rather not have.
One phishing email - a new variant on an old trick (http://www.first.org/newsroom/globalsecurity/42695.html) - is spoofed to look like it comes from services@americangreetings.com, a well known e-card company. Click on the link, which claims you've been sent a Valentine's card, and a faked-up copy of that site's homepage tells you that "You don't have the latest version of Macromedia Flash Player".
Once loaded, only the sharp-eyed will spot that the URL is actually americanSgreetings.com, and even if you don't click the link the page tries to download what looks like a Flash installer - but is actually far too small to be the real thing.
Yup, it's a Trojan.
If you go back to the same fake page later (whether you accepted the download or killed it), it now leads to a real e-card on the real American Greetings site, so you might think the "Flash install" had fixed the problem. Nasty.
It's not the only topical risk around today either. Anti-virus companies, including Sophos (http://www.sophos.com/pressoffice/news/articles/2007/02/drefab.html) and Symantec (http://www.symantec.com/home_homeoffice/security_response/index.jsp), are reporting a big surge in infected email with Valentine's taglines. The messages have a file attachment which of course carries a Trojan or worm, but should be blocked as long as your AV is up to date. ®