Share

Related Links

Related Stories

  • Flu spoof delivers trojan
    The inevitable H1N1 flu trojan attacks have started. Yesterday, McAfee detected a new H1N1-related spam campaign, spoofing emails from the Center for Disease Control (CDC) and asking victims to fill out a 'vaccination profile' as part of a state-wide flu vaccination program.
  • Zeus botnet traced to Latvian operation
    Researchers have been busy over the last few days tracing where the Zeus botnet is being controlled from, following investigations by the University of Alabama in the US, which tracked down the Zeus Bot virus to a raft of fake internet postcards circulating on the internet.
  • Forensics links fake online postcards to Zeus Bot
    The Computer forensics department at the University of Alabama has tracked down the Zeus Bot virus to a raft of fake internet postcards circulating on the Internet.
  • McCartney site serves up Zeus malware
    Paul McCartney's site was serving up the Zeus trojan for three days, according to UK security firm ScanSafe. The attack, in which paulmccartney.com was compromised with malicious Javascript, appears to have been tailored to coincide with interest in his New York reunion concert last weekend.

Top 5 Stories

News

Email Zeus trojan scams on the rise

04 December 2009

Online criminals are stepping up their campaign to infectInternet users with the Zeus trojan, according to new research published by Atlanta-based managed security firm SecureWorks. Email campaigns in particular are on the rise, the company has said.

Email campaigns trying to spread the virulent Zeus trojan malware have increased in particular over the last month, according to Joe Stewart, a researcher in SecureWorks' Counter Threat Unit. The recent campaign designed to capitalize on fears around the H1N1 virus by spoofing emails from the Center for Disease Control is one good example of a malware distribution ruse, the company added.

"Several of these email scams are not only sent out en masse but have been very targeted, appearing to come from a personal organization the recipient knows or involving a subject they are familiar with", said SecureWorks.

As we swing into the holiday season, SecureWorks said that email-based malware campaigns targeting shoppers are more likely to increase. It expects to see a variety of malware scams covering fake holiday gift cards, coupons, electronic greeting cards, and other retail entities.

SecureWorks has published a range of security tips designed to protect online shoppers from malware in the run up to the holidays. This includes looking for the HTTPS preference on websites, indicating SSL protection, and being wary of unsolicited emails. That said, the recent discovery of a fundamental design flaw in the SSL protocol by two factor authentication company PhoneFactor brings such a device into question - SSL apparently no longer seems to guarantee security online.

Shoppers should also use a credit card that limits their liability, SecureWorks said. "Avoid using debit cards to do online purchases when possible so as to limit your personal exposure to any possible fraudulent transactions", the company concluded.

Concerns over the security of online shopping or becoming more important as e-commerce purchases grow during the holiday season. Analytics firm ComScore said this week that spending on cyber Monday (the first Monday after Thanksgiving) was up 5% compared to a year ago.

This article is featured in:
Internet and Network Security  •  Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×