Out-Law / Your Daily Need-To-Know

Spam that links to a phishing Trojan

Out-Law News | 16 Aug 2004 | 12:00 am | 1 min. read

The National Hi-Tech Crime Unit (NHTCU) and APACS, the UK payments association, on Friday warned e-mail users to be on their guard against spam e-mails, purporting to be order acknowledgements, that link to malicious web sites in North America and China.

The e-mails contain details of a fictitious order for web hosting or computer goods. They thank the e-mail recipient for a non-existent order and display the apparent cost that will be charged to the recipient's credit card, together with a link to a web address that supposedly contains more details of the order.

If an e-mail recipient actually visits the address he will find only a site under construction. If he has an unprotected computer, he will also be targeted by malicious code contained on the web page.

This code, known as a Trojan, can carry out malicious acts or give another user remote control of the target computer. In this case the Trojan contains a keystroke logger that will record secret passwords and PINs typed into the PC when the user visits, say, an on-line banking site.

These details can potentially be used to access customers' on-line banking accounts and extract funds, warn the police – a type of fraud known as phishing.

"The NHTCU is continuing to work hard to bring the perpetrators of these elaborate scams to justice," said Detective Chief Superintendent Len Hynds, Head of the NHTCU.

"The criminals behind these attacks are constantly evolving their techniques and changing tactics to target a wider range of victims. With this range of exploits being blended in one piece of code, it is not just about on-line banking. There is a second keylogger and a program that allows the machine to act as a mail proxy that could be used by spammers. It is the Swiss Army knife of the cyber-criminal," he added.

Sandra Quinn, Director of Corporate Communications at APACS, advised, "By being wary of unsolicited e-mails and maintaining basic security measures on your computer you can go on-line with confidence."

The usual advice applies:

Treat every unsolicited e-mail with caution and never click on links from or reply to such e-mails;

Install anti-virus software, keep it up-to-date and run regular security scans;

Install and learn how to use a personal firewall; and

Install the latest security updates.