New worm — be careful out there

by Lee Hopkins on December 30, 2007 · 1 comment

in Uncategorized

According to eWeek’s Security Watch, there’s a very nasty bit of code embedded in a website at the moment, all geared up to lure the disarmed net traveller into a false sense of happy yuletide security.

Here’s just a sample of the subject lines in the email you might receive offering you

A fresh new year
A fresh new year…
As you embrace another new year
Blasting new year
Happy 2008 To You!
Happy 2008!
Happy New Year To (emailhere)
Happy New Year To You!
Happy New Year!
It’s the new Year
Joyous new year
Lots of greetings on new year
Message for new year
New Hope and New Beginnings…
New Year Ecard
New Year Postcard
New Year wishes for you
Opportunities for the new year
Wishes for the new year

According to Gary Warner, the main URLs he’s are seeing at this point are:
     uhavepostcard.com <== (majority use this one)
     happycards2008.com
There are more than 100 samples using these two URLs so far. The first was received December 24th at 12:10 PM.

Gary also noted that some of the anti-virus and anti-trojan software that failed to detect it were F-Prot, Kaspersky, McAfee, and Sophos. If you use any of these providers for your protection I assume that they have updated their data files and you should update yours accordingly (which is something you should do on a daily basis anyway — if you are in control of your computer then set your software to auto-update at midnight each night and leave your computer on, just turn your monitor off to save electricity and our planet).

Security Watch suggests you:

  • Install anti-virus software, and keep its virus signature files up-to-date.
  • Block executable and unknown file types at the e-mail gateway.
  • Refer to the Recognizing and Avoiding E-mail Scams document (.pdf) for more information on avoiding e-mail scams.
  • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
  • Very VERY good advice!

    Technorati Tags: , , , ,

    Previous post:

    Next post: