Security for the masses

Skip to: Content | Sidebar | Footer

Fake Swine Flu Alerts

3 December, 2009 (17:05) | A cat called password. | By: Blogkeep

Alerts regarding H1N1 (swine flu) virus are arriving in inboxes in an attempt to trick users into visiting bogus websites for the Center of Disease Control and Prevention. The email attempts to trick users into believing they are part of a H1N1 vaccination program. Once the link embedded in the email is clicked a web page opens which is a convincing imitation of a CDC web page. Visitors are then prompted to create a user profile, it is during this process that malware gets installed on the victims machine. A link to a “Vaccination profile” is in fact a link to an executable file. The file is a Trojan know as Kryptic or Xpack which attempts to download and install further malware. It also creates a backdoor for remote hackers to control the computer.

More information can be found at ZDNet

Write a comment