Be wary of bogus Adobe Flash download
Posted on January 9, 2009
The cyber criminals who began spamming out bogus video of the Israel-Hamas conflict on Thursday appear to have morphed the attack on Friday to feature bogus video of “an amazing speech” by President-elect Barack Obama. Whether it’s one and the same gang — or one gang copying the other — these guys are slick. Clicking on Thursday’s teaser message took you to this fake CNN website:

The good guys at RSA FraudAction Research Lab worked all day Thursday to shut down the domain, registered in China, that was serving up the bogus CNN landing page. That happened late Thursday night, RSA spokesman Alison Parker told me. But by Friday morning, this similar attack using the Obama speech ruse began circulating, says F-Secure.

In each case, to get to the enticing video, you’re asked to download a new Adobe Flash driver. What you download is a malicious program designed to capture sensitive financial and personal data.
According to AppRiver Senior Security Analyst Fred Touchette, the volume, quality and timing of the CNN attack make it quite significant. AppRiver on Thursday tracked more than 100,000 attempts to send these emails to unsuspecting recipients, comparable to blasts repeatedly sent out by the Storm Worm in its heyday. The CNN attackers are using “a more intelligent social engineering tactic than Storm used most of the time,” says Touchette. “The headlines are timely, as opposed to the more common headlines that have no similarities to the real news of the day.”
Touchette says it’s rare that data thieves design and execute such high-quality fake web sites as landing pages. “Today’s emails used realistic-looking headlines that mimic a major current world event: the conflict in Gaza. This is not the first time we’ve seen the CNN.com brand used in a phishing ploy, but the difference here is the headlines are timely, as opposed to the more common phishing headlines that have no similarities to the real news of the day.”
Additionally, he says, “today we are seeing extremely professional-looking media graphics, which would make people much less likely to be skeptical. It’s very good social engineering this time. People probably wouldn’t think twice about clicking.
“The timing of the large blast was early (Thursday) morning in an attempt by the attackers to catch folks just as they got to work and when most people would normally scan the daily news online.”
–Byron Acohido