The Internet Threat Landscape

Sending electronic greeting cards used to be a craze in the cyber community 5-8 years ago. However, in the recent years, social networking sites and applications such as Facebook and Twitter have taken the center stage where people exchange greetings and well wishes over the internet. A recent attack in Brazil makes another attempt by spreading spam mail sending e-card. A file is downloaded if the victim clicks on the “read” button and the HOSTS file of Internet Explorer is changed, and set to redirect certain Brazilian baking Web sites to a malicious web site. All information posted in any of the said pages will then be grabbed by the attacker.

Read more: http://blog.trendmicro.com/brazil-spam-changing-a-hosts-file/

The controversial sex scandal involving Italian Prime Minister Silvio Berlusconi has recently become target for spammers. The spam mail is crafted in Italian and targeted at the Italians who were concerned over the issue. The spam mail comes with a “Youtube” link which actually came from youtorube.com, and not from the real youtube.com. To view the said video, user must download and install a video codec first. Upon clicking the link, it will download a malicious file named wmpcodec.exe. The spam mail is already detected in TMASE Full Pattern 6726, and all URLs are now blocked by Trend Micro.

Figure 1. Notice the extra letters in the sender domain

Koobface has been affecting several social networking applications such as Facebook, Myspace, Twitter etc. Koobface scams by promoting what appears to be a YouTube video and then you will be asked to ‘upgrade’ your flash player which actually downloads a malicious .exe file which will in turn infect the victim. The virus can automatically start tweeting out the malicious link. The tweets spreading the link usually advertised as “My Home Video”.  Twitter has already started to temporarily suspend accounts that spread the link.

Protect your computer with Trend Micro Internet Security Pro for free!

Click here to read more about how Koobface has affected twitter users.

Even when Michael Jackson’s memorial service has past, there are still a lot of speculations regarding his death. With millions and millions of fans worldwide concerned over the death of the superstar, spammers spared no time to exploit his death with spam messages with subject title that suggests that Michael Jackson was murdered. Clicking on URL in the spam message leads to a website where user is asked to run an .exe file which is actually a Trojan that is in fact a data stealer.

Read more: http://blog.trendmicro.com/spam-speculates-michael-jacksons-murder/

Spam mail claiming to be a security update for Outlook and Outlook express turns out to be a bogus and malicious attempt that leads to Trojan that logs keystrokes and harvest information like username and passwords. As Microsoft frequently issue updates for its full spectrum of software, unsuspecting users may fall victim to this particular scam. Users are advised to get their updates from trusted official URLs and avoid clicking on hyperlinks from unknown sources.

Read more: http://blog.trendmicro.com/critical-update-leads-to-critical-info-theft/

Spam mail disguised as Youtube message with malicious contents are on the loose. It may potentially affect you and everyone else in your address book. Currently the email message is written in Portuguese, but users are warned as nothing is stopping cybercriminals from sending out an English version of this malicious spam.

Read more: http://blog.trendmicro.com/tattletale-spam-reveals-malicious-file-instead-of-gossip/

Spammers waste no time in exploiting every means to achieve their aim. Even before Father’s Day arrives, spammers already spring into action. Spam mail leading to a spoof website is used to harvest victims’ emails. Users are advised to be extra careful when receiving emails from unknown sources.

With Influenza A (H1N1) swine flu on-going ravages around the world, recent spam mail subject are usually related to this, and many offering “drugs” or “vaccines” against it. Mail contents usually points to online pharmacy offering sexual enhancement products. Examples include: