Archive for the ‘Phishing Schemes’ Category

back82.org linked to Phishing Email with Trojan Spoofing CNN The Daily Top 10

Author admin on August 7th, 2008

McAfee SiteAdvisor has released a warning about the website back32.org which has been using a phishing email to exploit internt users’ computers with adware, spyware, or viruses.

The attack is launched in a phishing email spam from designed to look like it’s originated from CNN. Called “The Daily Top 10″ which comprises some of the top stories featured at CNN, the email attempts to lure victims to click on a link and visit a spoofed site where they will see something like below :

Top 10 Stories
1. Ex-Google engineers debut ‘Cuil’ way to search
2. Ryan Seacrest survives California shark attack
3. US beef unsafe for consumption
4. Learn how to be a guru in finding G-spots
5. Boy thrown outside window in school
6. 5 more arrested from west Texas polygamist sect
7. Air force one crashes in Iraq
8. Madonna admits to 12 different affairs
9. Madonna admits to 12 different affairs
10. Murderer on the loose after cop bungle in Iowa		 Top 10 Videos
1.A-Rod to wed Madonna in September
2. IBM to file for bankruptcy
3. Private plane travel to be banned
4. Maggie Q seen with Brad Pitt
5. Massive earthquake in Japan kills thousands
6. IBM to file for bankruptcy
7. Mass suicide of prisoners in US cell
8. Bush plans to kill prisoner
9. Hillary finds ladies’ stuff in house, storms off in a huff
10. Madonna seduced Timberlake on set

The phishing email also contains a footer section that appears to be legitimately from CNN, complete with unsubscribe links :

Cable News Network LP, LLLP. One CNN Center, Atlanta, Georgia 30303
© 2008 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.

Terms under which this service is provided to you.
Read our privacy guidelines. Contact us.
You have agreed to receive this email from CNN.com as a result of your CNN.com preference settings.
To manage your settings click here.
To unsubscribe from the Daily Top 10, click here.



If you do click one of the links you’ll get an innocuous-looking CNN-branded video player and an error message with a notice “Video ActiveX Object Error. Your browser cannot play this video file.” The message then prompts you to install an ActiveX Object… which, of course, is actually a Trojan horse. You can read more about the specific threat here. (Essentially it opens a door to allow for even more malware to be installed.)


If you get one of these emails, DO NOT click on the links and under no circumstances should you allow the site to install the ActiveX component.

Firefox users are not affected by this exploit.

permalinkRead More CommentComments (0) CatPhishing Schemes, Trojan Alerts
CSS Template by RamblingSoul