The cyber-scum responsible for spam will, just like the advertising industry, always seize on any person or event that achieves prominence in the public view. Thus it was always going to happen that names prominently associated with the US presidential election would be sensationalized in e-mail subject lines, with the goal of getting you to open the message to read “the rest of the story”.
Predictably there has been a flood of malware and spam associated particularly with the names Obama, McCain and Palin.
Some of this spam is just unprincipled advertising, but much of it contains or leads to a malware attack. Open such a message or follow links contained therein and you’ll be hit with a virus that will attempt to steal and re-transmit personal data from your PC.
There will often be a window of vulnerability between the appearance of a malware exploit and the implementation of a block for it by the anti-malware vendors. Thus total reliance on your protective applications, no matter how good they are, can lead to your downfall. As I’ve repeated to members of The Hacker’s Nightmare family many times in the past: “The first line of defense is the human brain”, so keep it engaged and alert to attempts to subvert you and your system.
By staying alert and applying commonsense you don’t need to know in advance the subject lines of dangerous messages that have been reported in the press or by investigators — they should be blatantly obvious to you. You should also know not to take too much notice of the apparent sender’s e-mail address. What are the chances of you suddenly receiving legitimate messages from addresses like BBC.COM, NBC.COM, etc if you have never subscribed to the regular e-mail services provided by those organizations? Another popular sender e-mail address for this spate of garbage has been news@president.com. Even if PRESIDENT.COM was associated with the White House (which it isn’t), is it likely they suddenly decided to include you on their mailing list?
Some versions of the election spam offer a flash video for your entertainment, but first you must download the latest version of Adobe Flash from a link they provide for you. Of course you wouldn’t fall for that one, because you already know that if you were going to install or upgrade your Adobe Flash player, you would do it only by going directly to the Adobe Web site. Don’t you?
But if you click away without first engaging brain, you’ll end up installing a Trojan designed to steal passwords, credit card details, screen-shots and every stroke entered at the keyboard, and send that information back to the hackers’ web server in Kiev, Ukraine.
Probably not a result you’ll be comfortable with.
{ 1 comment… read it below or add one }
Testing Testing Testing…
1234567890…
END