CERT mailing list archives
Current Activity - Malicious Email Campaign Circulating
From: Current Activity <us-cert () us-cert gov>
Date: Thu, 9 Sep 2010 20:58:11 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity Malicious Email Campaign Circulating Original release date: September 9, 2010 at 8:46 pm Last revised: September 9, 2010 at 8:46 pm US-CERT is aware of public reports of malware spreading via email. These reports indicate that the malicious email messages contain the subject line "Here you have" or "Just For You" and contain a link to a seemingly legitimate PDF file. If users click on this link, they will be redirected to a malicious website that will prompt them to download and install a screensaver (.scr) file. If they agree to install this file, they will become infected with an email worm that will continue to propagate through their email contacts. US-CERT encourages users and administrators to take the following preventive measures to help mitigate the security risks: * Install anti-virus software, and keep its virus signature files up-to-date. * Do not follow unsolicited web links received in email messages. * Refer to the Recognizing and Avoiding Email Scams (PDF) document for more information on avoiding email scams. * Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on avoiding social engineering and phishing attacks. Relevant Url(s): <http://www.us-cert.gov/cas/tips/ST04-014.html> <http://www.avertlabs.com/research/blog/index.php/2010/09/09/widespread-reporting-of-here-you-have-virus/> <http://www.us-cert.gov/reading_room/emailscams_0905.pdf> ==== This entry is available at http://www.us-cert.gov/current/index.html#here_you_have_email_malware -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTImCkj6pPKYJORa3AQLnfAgAngyGH+hEInZH8r+v2t4KtZzTfMRdZwOe wtpF+ZJK/Qba5D8eCmSeecnONYXG1TUH8J4tYZOivdS/XTR8fdXKepnV7Ur7iuhW /4FW6ue/riaAnpQQi/E1RVwpcoZ9BLPMd4JRcPZohmyrPgPMHZKWs8QiSADfK3oh JJNi9cW1GArlEMaa7Yo8EMorUjq2MQtPYjtRovs31tOeT1aliMBzy/g1a/0FKaXt C75472bQEs5XNE+WTR+MSh4BsqSq3A4WbJ0h8rGQge/pMA9EuPCi4SiLG+GY4QhB pLnllkoiKOSlp5JTAykWKoUJ6FAYQJBe++CnfcWRvwQZ1w2+jenDxw== =QGdj -----END PGP SIGNATURE-----
Current thread:
- Current Activity - Malicious Email Campaign Circulating Current Activity (Sep 09)