IT security and control firm Sophos is warning computer users
around the world to be on their guard against a widespread,
malicious spam campaign that poses as breaking news stories about a
bomb blast in your city.

Samples intercepted by SophosLabs claim that 18 people have been
killed in an explosion and link to a video news story on a
supposedly Reuters-related website. In fact, computer users who
click on the link will not find more information on this breaking
news story, but will actually be taken to a website that is
designed to infect their Windows PC with malicious code.

However, Sophos warns that many computer users may not
immediately notice the danger as the website attempts to identify
users' whereabouts and customises the story to appear as though it
relates to their location.

"This is a clever piece of social engineering and shows the
lengths that cybercriminals will go to in order to trick more
potential victims," said Graham Cluley, senior
technology consultant at Sophos. "If you visit the webpage from
Southampton, Bristol or London it is likely to claim that the bomb
blast has occurred there. There are the usual clues that the
observant computer user will recognise as spam - poor spelling and
grammar being the key one - but the danger is that other less wary
users won't notice this and will become engrossed in the story
without realising that their PC is being infected as they

The emails have subject lines including "Why did it happen in
your city?", "Take Care!" and "Are you and your friends in good
health?", and part of the website text reads as follows:

'At least 12 people have been killed and more
than 40 wounded in a bomb blast near market in Amsterdam.
Authorities suggested that the explosion was caused by a "dirty"
bomb. Police said the bomb was detonated from close by using
electic cables. "It was awful" said the eyewitness about blast that
he heard from his shop. "It made the floor shake. So many people

More information on the threat can be found on
Graham Cluley's blog.