IT security and control firm Sophos is warning music fans to be
wary of opening unsolicited emails claiming to reveal the latest
news about their favourite pop stars. The warning follows the
discovery of a new wave of malware attacks which arrive in the
unsuspecting computer users' inbox and claim to contain a link to a
scandalous video of Madonna.
The emails claim to link to a XXX-rated video
of pop superstar Madonna.
Sophos experts note that the cybercriminals have timed the
attack to coincide with the start of Madonna's new world tour on
Saturday - it is a common tactic for hackers to try to exploit
excitement around upcoming events. However, users that click on the
URL will not see a video of Madonna but will instead download a
Trojan horse called Troj/FakeVir-EW that displays a bogus security
warning encouraging them to purchase a piece of fake anti-virus
software.
Once the hackers have fooled innocent internet users into
handing over their credit card details, there is no telling if they
will use the information for other forms of identity fraud.
"Madonna may have turned 50, but she's still as big a draw to
cybercriminals as young Hollywood upstarts like bad girl Britney
Spears, Paris Hilton and Lindsay Lohan," said Graham Cluley, senior
technology consultant at Sophos. "With the new world tour just
around the corner, it's not surprising that the hackers are trying
to capitalise on this. Using topical stories is one of the oldest
tricks in the book and the danger is that fans of the material girl
will click before they think."
Sophos experts note that this is the latest attack from the
cyber gang responsible for the recent MSNBC and CNN spam campaigns,
and demonstrates that the crooks are not going to give up easily.
Instead, they are continuously altering their emails and malware
slightly in order to avoid detection by less sophisticated spam
filters.
Sophos recommends companies automatically update their corporate
virus protection, and run a consolidated
solution at their email and web gateways to defend against
viruses and spam.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.