FW: New email virus warning

Submitted by Cyndi Johnson on Fri, 08/08/2008 - 9:57am.

I just sent this on and thought I'd share it here, too. We've already
seen the CNN emails and have had unsuspecting users click the "stories".
The Facebook variant is actually a clever bit of social engineering,
IMO. I'd probably read a story about the FBI and Facebook...
Cyndi

Just in time for the Olympics, there is a new security threat making
it's rounds. Here's what another State sysadmin had to say:

>>>
Beginning on August 5, 2008 reports of mass emails claiming to be from
the CNN.com news Web site began to surface. Currently the subject of the
email is "CNN.com Daily Top 10". These emails are not from CNN, and
contain web links to malicious sites that will attempt to install
malware purporting to be an Adobe Flash Player upgrade. The MS-ISAC has
received reports from multiple states including Michigan, New York,
North Carolina and Wisconsin, indicating their users have received these
emails.

As the 2008 Olympics will be starting Friday, August 8, we anticipate
spammers, phishers, and other online attackers may use bogus
"Olympic-themed" headlines in their scams. We recommend that
organizations use this as an opportunity to remind users to use caution
when handling suspicious or unexpected email messages and URLs.

previous forum topic | next forum topic | 496 reads
( categories: teknoids )
FW: New email virus warning
Submitted by callison on Mon, 08/11/2008 - 8:02am.

Johnson, Cyndi wrote:
> I just sent this on and thought I'd share it here, too. We've already
> seen the CNN emails and have had unsuspecting users click the "stories".
> The Facebook variant is actually a clever bit of social engineering,
> IMO. I'd probably read a story about the FBI and Facebook...

I just saw one of the messages yesterday, and I know at least one person
who got bitten by it. (I didn't think it was particularly convincing,
but I don't care for CNN in the first place).

Here's a link to ComputerWorld's article on it:

*Massive faux-CNN spam blitz uses legit sites to deliver fake Flash*
More than 1,000 hacked sites serving up phony update; Adobe issues warning
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9111858

Please tell me you didn't just click on that link... ;-)

James

--
James P. Callison, MCP+I, MCSE
Network Administrator/Webmaster
The University of Oklahoma Law Center ITS
callison@www.law.ou.edu
Now Heaven knows I've been backslidin'
Through the promised land of a hundred proof
I choke down the pain but I can't keep a-hidin'
And I can't seem to lose the backslidin' blues
-- The Del McCoury Band, "Backslidin' Blues"

parent | login to post comments