EmailSafety.net - Security firm warns against Olympic spam

Security firm warns against Olympic spam

Anti-Spam Software

What is Spam?

Spam Laws

Spam Facts

User Tips

Common Email Scams

What Are Visuses?

Virus Prevention Tips

Anti-Virus Software

Basic Tips

Recent News

Beware of e-mails with sensational Olympic subject titles. They will likely contain a form of malware called Storm that infects computer systems, according to enterprise security firm, Secure Computing.

The firm has warned that headlines could range from being political in nature, such as "President Bush calls for Olympic boycott", to mails with disaster themes, for instance, "Bird flu breaks out in Beijing".

There has been an increase of about 360 million spam messages pertaining to the Olympics, said Benjamin Low, Managing Director, South East Asia and India, Secure Computing. "Spammers are continuing to use current events like the Olympics to entice end users into responding or clicking on links whose sole purpose is to download malware."

Low said the excitement over seeing a video of breaking news from the Beijing Olympics can encourage cautious users to lower their suspicions and open the door to a world of trouble.

Related Content

"Once the user clicks through the mail and then goes to the website, they will be led to the page where it contains links to a supposed video that actually downloads the Storm worm "Worm.Zhelatin.zc"," he said.

The last video for your PC

The body of the message contains a short text paragraph with a link to a fast-fluxing Storm domain. These domains will change their actual IP addresses on a constant flux and pointing to compromised botnet computers. Users will then be lead to a website that prompts one to click onto a video.

"The shown video player is just a simple image called "mov.gif" and there is no video at all. All you get is the actual Storm malware executable named "beijing.exe" if you click the image," added Low.

But a closer look at the source code of the web page reveals that a hidden IFRAME pointing to an exploit script called "ind.php" which tries to stealthily leverage several known vulnerabilities to install the malware on not fully patched computers.

Tips to avoid trouble

Low has offered the following steps to help prevent users from getting infected.

-- Treat unsolicited mail with linked websites or attachment with suspicion.

-- Resist the temptation to click through to the website and download information or open the attachment.

-- Send any suspicious looking email or websites to the IT department.

For more enterprise computing news, visit For more gaming news, visit GamePro. http://www.gamepro.com/ Story copyright GamePro Media."http://www.computerworld.com/">Computerworld. Story copyright Computerworld, Inc.

Recent News:

· McColo takedown: Vigilantism or Neighborhood Watch?
· Spam drop could boost Trojan attacks
· Hosting firm shutdown forces botnets to relocate
· ISP cut off from Internet after security concerns
· Spam plummets after hosting service shuttered

Site Map | Recent News | Related Sites