blueeyes
09-28-2009, 12:34 PM
I am sure you techy guys already know about this but I thought I would post for those of us who are not techy.
This came from our techy guy today.
Folks,
Here is a heads up on a virus that is spreading very quickly. This warning came from Louis Aponte, who handles the university's anti-virus efforts. -Ken
IRS scam now world's biggest e-mail virus problem
Criminals are waging a nasty online campaign right now, hoping that their victims' fears of the tax collecter will lead them to inadvertently install malicious software.
The spam campaign, entering its third week now, is showing no signs of slowing down
Since first spotting the spam on Sept. 9, antispam vendor Cloudmark has counted 11 million messages sent to the company's nearly 2 million desktop customers, said Jamie Tomasello, abuse operations manager with Cloudmark. That number is "very high," she noted.
The messages typically have a subject line that reads, "Notice of Underreported Income," and they encourage victims to either install the Trojan attachment or click on a Web link in order to view their "tax statement." In fact, that link takes the victim to a malicious Web site.
The IRS says not to open attachments or click on links included in e-mail that claims to come from the tax-collection agency.
What makes this campaign particularly ugly is that the malware that accompanies the fake IRS messages is a variant of the hard-to-detect Zeus Trojan. This software hacks into bank accounts and drains them of money as part of a widespread financial fraud scheme. Researchers estimate that the Zeus criminals are emptying more than a million dollars per day out of victims' bank accounts with the software. Small businesses have been particularly hard-hit by this fraud, because banks have sometimes held them accountable for the losses.
Testing a recent variant of Zeus on the VirusTotal Web site, Warner found that only five of the 41 antivirus detection systems used by VirusTotal managed to spot it.
Although antivirus vendors have other techniques for blocking the malware -- they can stop people from visiting the malicious Web sites, for example -- the spam is giving the companies a run for their money.
"It's difficult to stay ahead of it via antivirus because the Zeus binaries are changing a few times a day to evade detection," said Paul Ferguson, a researcher with Trend Micro, via instant message. "It's definitely a problem."
Source
ComputerWorld Security
Article by Robert McMillan
http://www.computerworld.com/s/article/9138527/IRS_scam_now_world_s_biggest_e_mail_virus_problem? source=rss_news
This came from our techy guy today.
Folks,
Here is a heads up on a virus that is spreading very quickly. This warning came from Louis Aponte, who handles the university's anti-virus efforts. -Ken
IRS scam now world's biggest e-mail virus problem
Criminals are waging a nasty online campaign right now, hoping that their victims' fears of the tax collecter will lead them to inadvertently install malicious software.
The spam campaign, entering its third week now, is showing no signs of slowing down
Since first spotting the spam on Sept. 9, antispam vendor Cloudmark has counted 11 million messages sent to the company's nearly 2 million desktop customers, said Jamie Tomasello, abuse operations manager with Cloudmark. That number is "very high," she noted.
The messages typically have a subject line that reads, "Notice of Underreported Income," and they encourage victims to either install the Trojan attachment or click on a Web link in order to view their "tax statement." In fact, that link takes the victim to a malicious Web site.
The IRS says not to open attachments or click on links included in e-mail that claims to come from the tax-collection agency.
What makes this campaign particularly ugly is that the malware that accompanies the fake IRS messages is a variant of the hard-to-detect Zeus Trojan. This software hacks into bank accounts and drains them of money as part of a widespread financial fraud scheme. Researchers estimate that the Zeus criminals are emptying more than a million dollars per day out of victims' bank accounts with the software. Small businesses have been particularly hard-hit by this fraud, because banks have sometimes held them accountable for the losses.
Testing a recent variant of Zeus on the VirusTotal Web site, Warner found that only five of the 41 antivirus detection systems used by VirusTotal managed to spot it.
Although antivirus vendors have other techniques for blocking the malware -- they can stop people from visiting the malicious Web sites, for example -- the spam is giving the companies a run for their money.
"It's difficult to stay ahead of it via antivirus because the Zeus binaries are changing a few times a day to evade detection," said Paul Ferguson, a researcher with Trend Micro, via instant message. "It's definitely a problem."
Source
ComputerWorld Security
Article by Robert McMillan
http://www.computerworld.com/s/article/9138527/IRS_scam_now_world_s_biggest_e_mail_virus_problem? source=rss_news