«
»

Email Scam Leads To Phony CNN Site

Hackers have launched a new email scam that attempts to lure unsuspecting users to a bogus CNN.com news site using the Gaza conflict in an effort to steal passwords.

The RSA FraudAction Research Lab discovered the scam and says the result of the attack is the infection of computers with a Trojan.

The RSA blog offers more details. “The fake webpage designed and hosted by the online criminals, is embedded as a link within the spam attack email. This fake webpage includes another link to what appears to be a legitimate video but is actually a form of crimeware. When visitors click on the video, they get an error message asking them to install Adobe Flash Player 10 in order to play the video, and a link is provided.”

RSA says that a Trojan is launched when the link to the phony software is accessed called a Trojan “SSL stealer” that grabs financial and personal information of the infected user found on their computer.

Gary Warner, Director of Research in Computer Forensics at the University of Alabama at Birmingham (UAB) recommends that users do not open any emails received from an unknown source and to visit cnn.com and click on news stories from the official site.

This entry was posted on Tuesday, January 13th, 2009 at 9:08 pm and is filed under Identity Theft, Identity Theft Stories. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.