Experts at SophosLabsâ„¢ are
warning of a new attempt to infect PCs with malware by someone
posing as a long lost school friend. According to Sophos, internet
hackers - taking advantage of the current popularity of
social-networking and online friendships amongst adults - are using
the lure of a possible internet romance in an attempt to trick the
unwary into downloading a password-stealing Trojan horse.
The emails, which have been spammed out across the internet,
purport to be from a young blonde woman with pigtails called Ann
Berns who claims that she went to high school with the recipient.
The author refers to fond memories of after-school walks and
classroom conversations in an attempt to encourage the recipient
into investigating further and clicking on a URL to her personal
homepage. Sophos experts note however that the link actually leads
to a Trojan horse designed to break into online accounts and commit
identity theft.
Part of the email reads as follows:
Hi! I'm not sure if you remember me..
I'm Ann Berns, I guess we went to high school
together.
It was quite a while ago but I still remember our
friendship.
Do you remember that walk after classes? It was really
cool!
I still think about you sometimes, all that fun, all whispering
chats during classes. Do you want to see what I look like now?
Visit my home page then, it's at http://[REMOVED]
"The lonely, the horny, or the just plain curious might be
tempted to click on the link - but if they do they risk falling
straight into a trap set by hackers," said Graham Cluley, senior
technology consultant for Sophos. "It's a pretty sad state of
affairs that cybercriminals need little more than a picture of a
blonde woman with pigtails to steal passwords from unwary internet
users. Everyone needs to learn to take more care over unsolicited
emails, and ensure that they are properly defended when they open
their email inbox or surf the web."
Users who click on the link in the email are
taken to a webpage containing a picture of a young blonde woman
with pigtails.
Unlike many other anti-virus vendors Sophos did not have to
issue an update to protect its users against the malware as
Sophos's Behavioral Genotype®
Protection technology was already able to proactively identify
it as Mal/Behav-121. Users of
other vendors' products are recommended to update their protection
and ensure that they are defended from the threat.
Earlier this week, Sophos reported that emails claiming to
contain naked
pictures of Angelina Jolie and Halle Berry had helped hackers
break into PCs.
"People need to think with their heads, not lust with their
loins," continued Cluley. "The use of attractive young women by
hackers to infect the unwary is far from a new trick - but it's one
that seems to work time and time again."
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend
against the threats of spam, hackers, spyware and viruses.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.