Software // Enterprise Applications
News
12/4/2007
03:58 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Watch For Holiday E-Card Spam, Symantec Warns

Some malware authors have even gone so far as to include the phrases "no worm, no virus" in the e-card's text, as if such an assurance made the message safe.

'Tis the season to be wary. Sadly, malware authors are quick to seize on current events to cloak their social engineering attacks -- which typically involve tricking people into clicking on a malicious link or visiting a malicious Web page -- in an aura of legitimacy.

So it is that the holiday season brings a surge in holiday-oriented scams. As security company Cyveillance noted on Monday, phishing attacks jumped by 300% on Thanksgiving Day, compared with the number of attacks seen the previous week.

Another security company, Message Labs, said following Thanksgiving that it was seeing holiday-themed spam coming across its infrastructure at a rate of about 300,000 an hour.

Symantec security researcher Jitender Sarda documented one such attack on Tuesday that uses e-cards.

"These e-cards are purportedly sent from a legitimate source and try to lure the victim to click on the link to view the e-cards, which have underlying tricks to try and infect the computer," said Sarda in a blog post. "With the Xmas bells starting to ring, here is the first incidence where Xmas e-cards have started doing the rounds."

While these e-cards may appear to come from a familiar brand name, the "From:" field is forged. And the spammer responsible, perhaps aware that e-cards have acquired an air of disrepute, has even gone so far as to include the phrase "(no worm, no virus)" in the e-card's text, as if such an assurance made the message safe.

In fact, the link provided attempts to download a file named "sos385.tmp," which is itself a downloader that connects to the Internet and attempts to download other malicious files.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Nov. 10, 2014
Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 9, 2014.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.