IT security and control firm Sophos is reminding computer users
around the world of the importance of not clicking on unsolicited
emails, no matter how tempting the subject line or content,
following the discovery of a Trojan horse being spammed out as a
news report about the earthquakes in China.

Sophos experts note that this scam is just the latest in a
number of tricks that cybercriminals have been exploiting since the
recent disasters in China and Burma, but warn that while many users
are aware of phishing emails and therefore will not respond, this
attack downloads malicious code onto the user's computer without
them even noticing. Hackers can then use this to steal sensitive
and confidential information for financial gain and to commit

Samples intercepted by SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, show that the
Trojan horse (known as Troj/MalDoc-Fam)
arrives in a user's inbox as a news report which entices innocent
victims to click on the attached Word document and read the latest
about the tragedy.

A typical spammed email reads as follows:

"BEIJING, May 20 (Xinhua) -- The death
toll from the earthquake in southwest China's Sichuan Province has
risen to 34,074 nationwide as of 2p.m. Saturday, while 198,347
people were injured, according to the Information Office of the
State Council. Pay attention to attachment for more."

However, opening the Word document attached triggers an exploit
which silently downloads further malware onto the user's

"Over the last few weeks, we've already seen several examples of
cybercriminals trying to exploit the natural disasters suffered by
China and Burma, and it seems there's no end to their tactics,"
Cluley, senior technology consultant at Sophos. "To avoid
falling victim, computer users need to use their common sense and
not open emails from people they don't know. By deleting them
straight away, you're cutting the fraudsters off before they even
have the chance to trick you into giving them money as they pose as
victims of the tragedy, or try and install malware on your

Sophos has been capable of proactively detecting the malware
since 26 March 2007.

Sophos recommends that all computer users ensure their computer security is up to date and that they are
fully protected against the latest spam, email and web threats.