Subscribe
In April and May of this year, while the CDC and other federal agencies were working hard to prevent the spread of a swine flu outbreak, another outbreak was occurring that did not catch the headlines: Swine Flu Spam.
With Swine Flu at the forefront of everyone’s mind, spammers got busy. When the possible Swine Flu outbreak was being reported in April of this year by the media, Cisco stated that Swine Flu related spam accounted for 4 percent of the worldwide total at its peak. Symantec reported on their blog one scam that spammers unleashed where they had a viral PDF document of Swine Influenza FAQs. When users clicked on the PDF document, it unleashed a malicious InfoStealer code onto the victim’s computer.
Well just when we thought our computers were safe from getting infected by the Swine Flu, Sophos Labs reported on July 22nd on their blog that with the Swine Flu pandemic ongoing, spammers are continuing to play off of peoples fear. This time they sent an email titled, “Novel H1N1 Flu Situations Update,” which had an attached Word document that when opened had the following image in it:
This image is identical to the one found on the CDC website. Unbeknownst to the users who clicked on the Word document, a Trojan was unleashed on their computer that not only stole all of their passwords (encrypted ones as well), but it also tracked all of their key strokes. All of this information was sent back to a malicious website where most likely the stolen information would be sold in one of several underground markets. Spam continues to be a major problem not only for individuals but corporations as well. Symantec reported that as of April of this year, “unsolicited email made up 90.4% of messages on corporate networks.” While companies have become “smarter” in not allowing certain attachments to pass through to their networks, spammers have started attaching URLs in their messages enticing people to click on them which then redirects them to a website that carries the malware. This type of spam generally tends to not get stopped by firewall or anti-virus or anti-spam software.
So how do you defend yourself against malicious emails? To lower your risk of malware infections, you need to:
- Download software only from sites you know and trust.
- Set your browser security high enough to detect unauthorized downloads.
- Use anti-virus and anti-spyware software, as well as a firewall, and set them to update automatically.
- Don’t click on links inside pop-up windows.
- Don’t click on links in spam that claim to offer anti-spyware software; you may unintentionally be installing spyware.
Clues that malware may be on your computer include:
- A sudden increase in pop-up ads.
- A sudden or repeated change in your computers Internet home page.
- New and unexpected toolbars or icons on the system tray at the bottom of your computer screen.
- Slowed computer performance.
- Random error messages.
While it is important for both individuals and corporations to have the necessary security measures in place to protect them from these spam messages by incorporating firewalls, antivirus software, email filters, etc…, the best way to reduce these threats is to simply educate yourself, and if you work for a corporation, educate your peers to not open or click on anything that looks suspicious. Sound stupid? Well, so does your computer getting the Swine Flu.