E-Greetings Pose Security Risk
Cybercriminals are increasingly using E-greetings to lure consumers into clicking on links that download malicious code into their computers, a security expert said Tuesday.
![](https://eu-images.contentstack.com/v3/assets/blt69509c9116440be8/bltc0182b2356ae8eed/64b83949410a1b4c0bd7459b/IW_generic_image.png?width=1280&auto=webp&quality=95&format=jpg&disable=upscale)
Cyber criminals are increasingly using e-greetings to lure consumers into clicking on links that download malicious code into their computers, a security expert said Tuesday.
Over the last three months, Internet security vendor SurfControl Plc has tracked a 30 percent jump in malicious e-mail threats, with more than half attempting to entice recipients to click on a link that takes them to a fictitious e-greeting card.
"This rise in malicious e-greeting attacks is being driven by a multi-billion dollar black market for stolen information," Susan Larson, vice president of global threat analysis for SurfControl, said in a statement.
In addition, there has been a sharp rise in the number of e-mails disguised as legitimate communications from a company's IT department or other legitimate business group, the Scotts Valley, Calif.-based, company said.
The number of malicious code-based e-mail threats is expected to double over the next quarter, according to SurfControl.
The malicious e-greeting messages, which are often difficult to detect at a casual glance, direct the recipient to click on a link that takes them to a normal-looking e-greeting card. Behind the HTML, however, is Java script that gathers vital computer settings, such as operating system, browser, virtual machine and anti-virus settings, and then downloads a Trojan best suited for infecting the machine.
The attackers hope to turn the computer in zombies for sending illegal spam messages, or to install key-loggers in order to try to steal passwords used in online banking or other websites, SurControl said.
About the Author(s)
You May Also Like