Phishers using current events as bait

A couple of new phishing e-mails have emerged that use current events to lure victims to bogus Web sites where they are offered the opportunity to download malicious code or turn their money over to crooks.

The MX Logic Threat Center found e-mails using a lengthy account of victims' suffering to solicit charity for survivors of the earthquake in China's Sichuan province. 'Sometimes the depth to which spammers will stoop really sickens me,' said Sam Masiello, director of threat management at MX Logic. 'We've seen this type of scam before ' after Hurricane Katrina back in 2005 and the Indian tsunami in 2004 ' and now we are sure to see more scams over the coming weeks.'

Other e-mails attempt to capitalize on a less catastrophic event ' the release of Microsoft Windows XP Service Pack 3. The subject line suggests it is an important update and provides a link to download a patch for a high-priority vulnerability. The spelling of the originating address ' Micrisoft ' should be a dead giveaway. The 1M file is malware, of course, identified by MessageLabs as a variant of Virut, a virus that infects executable files and opens a back door to an Internet Relay Chat server.

The standard rules apply: Microsoft knows how to spell Microsoft and does not e-mail links for downloads and updates. And if you want to donate money to a good cause, choose the organization and initiate the transaction yourself ' don't respond to an e-mail solicitation.

About the Author

William Jackson is a Maryland-based freelance writer.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected