Watch out for fake “CNN Top 10 News” email
Posted by Jacque on August 6th, 2008
If, like me, you have started to receive emails claiming to be “CNN Top 10 News,” beware that these are more problematic than just ordinary spam.
Computerworld is reporting that clicking on one of the fake news links leads to a message that your Flash player is incorrect. If you follow that link you’ll find yourself with a fake Flash edition that delivers a Trojan horse.
One distinguishing feature of the attack puts you in a perpetual loop so that your only choices are to kill your browser session or be browbeaten into stalling the malware, said Sam Masiello, vice president of information security at MX Logic. Inc. They have detected more than 160 million spam messages in the fake CNN.com attack in the past 48 hours, and more than 1,000 hacked sites are apparently hosting the fake Flash Player update.
Adobe Systems, Inc. advises users to ignore any updates that don’t originate from them, and they remind us that “This goes for any piece of software (Reader, Windows Media Player, QuickTime, etc.) — if you get a notice to update, it’s not a bad idea to go directly to the site of the software vendor and download the update directly from the source. If the download is from an unfamiliar URL or an IP address, you should be suspicious.”
