Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have reminded
computer users to be wary of unsolicited emails posing as breaking
news reports, following the widespread distribution in Australia of
a malicious message which claims that Prime Minister John Howard is
fighting for his life after a heart attack.
The emails pretend to be a link to a news story from The
Australian, a daily newspaper, and start as follows:
SYDNEY, February 18, 2007 08:56pm (AEDT) - The Prime
Minister of Australia, John Howard have survived a heart attack. Mr
Howard, 67 years old, was at Kirribilli House in Sydney, his prime
residence, when he was suddenly stricken. Mr Howard was taken to
the Royal North Shore Hospital where the best surgeons of Australia
are struggling for his life.
The fake news story points to a website
containing malicious code.
Clicking on the link takes users to a webpage which downloads
malicious code to their PC, and then displays the real '404 page
not found' error page used by The Australian on news.com.au. The
viral code attempts to steal online banking usernames and passwords
from web surfers.
John Howard is the latest in a long line of public figures to be
used as bait by malware authors and hackers. Politicians such as
Vladimir
Putin, Margaret Thatcher, Ronald Reagan, Arnold Schwarzenegger,
Bill Clinton,
George W
Bush and PW Botha have been have been used in the past.
Furthermore, the promise of glimpses of glamorous pin-ups like
Halle Berry, Anna Kournikova, Julia Roberts, Jennifer Lopez, Britney Spears or the stars
of 'Sex and the
City' have previously been used to help viruses spread.
"It seems the hackers are back to their old tricks of spamming
out sensational headlines in the hope that computer users will
forget to think before they click, and visit the website hosting
the malignant code," said Graham Cluley, senior
technology consultant for Sophos. "The scammers have registered
several domain names that appear to be associated with 'The
Australian' newspaper, and have gone to effort to make people think
that they really are visiting the genuine site by pointing to the
real error page. Everyone should be on their guard against this
kind of email con-trick, or risk having their PC infected."
Sophos customers are proactively defended against the attack,
without requiring an update, through Sophos's Behavioral
Genotype® technology.
"Sophos's proactive protection meant that even if customers
clicked on the link, the malicious code would not be able to run,"
continued Cluley. "This type of defense becomes more and more
important as cybercriminals escalate their attempts to infect
computers by creating multiple versions of their malware."
In January, Sophos published
its Security Threat Report 2007, which revealed the increasing use
of the web as a vector for malicious attacks by hackers. The report
can be downloaded from the Sophos website:
Sophos recommends companies automatically update their corporate
virus protection, and run a consolidated
solution at the email gateway to defend against viruses,
spyware and spam.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.