Security news20 March 2006
Clagger-K Trojan horse distributed in bogus Amazon spam email
 |
| The emails claim to come from Amazon UK. |
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned internet users to be wary of emails claiming to come from online retailer Amazon that say that their credit card will be debited for over £300 (over $500).
The Troj/Clagger-K Trojan horse has been distributed as an attachment in emails with the following characteristics:
From: Amazon.co.uk <payments-support@amazon.co.uk>
Subject: Your payment done.
Message text:
Dear customer!
We're writing to let you know that we've initiated a transfer from your bank account (Last 4-digits: 0402) for the following amount:
GBP 313.14 (ORDER #0220873 , DATE #20.03.2006)
Funds should leave account in approximately three to five working days.
See your statement details in attachment.
To review your account at any time, please access your Account Summary:
https://payments.amazon.co.uk/exec/login?
If you have any questions or concerns regarding this settlement, please contact us at payments-support@amazon.co.uk
Amazon.co.uk Marketplace -- Amazon Services Europe S.a.r.l.
Sell Your Stuff
http://www.amazon.co.uk
Attached file: STATEMENT_#0220873.exe
"These emails do not really come from Amazon, and clicking on the attached file will install a malicious Trojan horse on your computer," said Graham Cluley, senior technology consultant at Sophos. "Once it has slipped under your radar, this Trojan is capable of downloading further malicious code from the internet, giving hackers access to your PC. A real message from Amazon would never contain an attached executable file, and people should always think carefully before running unsolicited code on their computer."
Sophos customers have been automatically protected against the Trojan horse since 12:32 GMT, 20 March 2006.
Sophos recommends companies protect their email with a consolidated solution to thwart the virus, spyware and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
