Phishing Scam Exploits Virginia Tech Tragedy

Cybercriminals already are taking advantage of the tragedy at the Virginia school, sending out spam e-mails that lure people to download a Trojan designed to steal banking information.
Just a day after security researchers warned people to be alert for hackers and phishers exploiting the Virginia Tech tragedy, spam promising images of the shootings have begun spreading around the globe.

The spam e-mails carry a photograph of gunman Cho Seung-hui, who killed more than 30 students and teachers at the Virginia school on Monday before killing himself. The e-mails claim to link to a Brazilian Web site carrying movie footage of the campus shootings, according to researchers at Sophos. However, clicking on the link downloads a malicious screensaver file, called Terror_em_Virginia.SCR), which installs a piece of spyware that acts as a banking Trojan, which can be used to steal passwords, user names and account numbers.

"It is extremely disturbing that cybercriminals have so quickly jumped to exploiting this horrible tragedy. Unfortunately, it's not that surprising," said Ron O'Brien, senior security analyst with Sophos, in a written statement. "We've seen similar behavior with other tragedies like Hurricane Katrina and the death of Pope John Paul II. Cybercriminals prey on the interest of concerned citizens hoping for the latest information on breaking news and, if history repeats itself, we'll see this campaign continue until interest fades."

The U.S.-CERT issued a warning on Tuesday that users and IT managers should be aware that new phishing campaigns generally are launched in the wake of tragedies and natural disasters. Researchers at the government's Computer Emergency Readiness Team advised users to remain cautious when receiving unsolicited e-mail that could be a potential phishing attempt.

Phishing e-mails often arrive in the form of phony requests for donations from a charitable organization, asking the users to click on a link that will then take them to a fraudulent Web site set up to appear to be a legitimate charity.

Editor's Choice
Samuel Greengard, Contributing Reporter
Cynthia Harvey, Freelance Journalist, InformationWeek
Carrie Pallardy, Contributing Reporter
John Edwards, Technology Journalist & Author
Astrid Gobardhan, Data Privacy Officer, VFS Global
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing