Security news
Security news12 September 2006
When is a phish not a phish? Warning over "anti-phishing" scam Visiting fake news.com.au website infects users with a spyware Trojan horse
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned of a scam circulating in Australia which uses an almost-amusing twist on conventional phishing email warnings. Instead of talking you into going online to a bogus website to change your banking credentials, the email strongly urges exactly the opposite. "Dear Australian Bank Clients. You must NOT Update or Confirm Your Account information," it warns.
Instead, the email claims to be from News Limited and shouts out the unlikely story that "this week all AUSTRALIAN BANKS WILL BE CLOSED." Clicking on the link and visiting the bogus news website infects internet users with a phishing Trojan horse designed to steal login details from customers of the Commonwealth Bank and e-gold.
The emails tell internet users that their banks are closing for a week.
"The story is so hyperbolic and so unlikely that it looks and smells like a good old conspiracy theory, with a website to back it up," says Paul Ducklin, Sophos's Head of Technology, Asia Pacific. "Many conspiracy theory sites are intriguing, if ill-informed, but not overtly malicious. This can make them popular for believers and unbelievers alike. But readers who are inquisitive and who follow the web link in this email will be visiting a fake news site which aims to infect them with a phishing Trojan."
Once again, Ducklin warns users to be suspicious of emails which sound too good (or too bad!) to be true, and reiterates the watchphrase of the Internet Industry Association (IIA): "don't buy, don't try, don't reply".
"Not trying and not replying to spam means more than just avoiding a direct email response," explains Ducklin. "You need to be careful not to follow up on any call-to-action in unwanted email. After all, if you don't trust the original email, why would you trust information such as web links, telephone numbers or street addresses in that email?"
Sophos recommends that companies protect their email gateways with a consolidated solution to defend against viruses, spyware and spam, as well as secure their desktop and servers with automatically updated protection.
Download now
- USA number 1 for malware and spam
- Huge surge in email attachment attacks
- Scareware makes users buy bogus products
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
