Helping people with computers... one answer at a time.
This is Leo Notenboom for askleo.info.
This week millions of email users began receiving email with subject lines relating to current and breaking news, such as "230 dead as storm batters Europe" accompanied by an attachment with a promising name like "Full Clip.exe".
Regardless of the subject of the email or the name of the attached executable, it's a worm. Apparently it's become one of the larger outbreaks in recent years.
What's new about this particular worm is its use of social engineering and current events to entice you to open its attachment. More commonly in the past email borne malware has been fairly generic, with standard and often easily recognizable come-ons or fractured English. This new breed of malware takes some news event - often while it's happening, as in the case of the European storm - and relies on people's intense interest in the story to get them to forget about their normal caution regarding attachments.
Other versions I've seen this week have been even more provocative by building on, or even fabricating, news based on current events. "Sadam Hussein safe and sound!" with an attachment "Full Text.exe". This example simply makes up news that is so sensationalistic based on the recent execution of the former Iraqi leader that it almost begs to be opened. Or "Russian missile shot down USA aircraft." with an attachment "Read More.exe". This is based on China's recent successful test, shooting down one of their own satellites with a ground based missile. I've now seen several versions of that headline with more and more changes: who shot the missile varied; who's satellite was shot down changed; even wether it was a satellite, a plane or something else entirely was different in different versions of this worm.
The only thing they had in common was that they were primarily a headline with an executable attachment whose name promised more.
And if you open the attachment, you'll get more alright - just not the more you were expecting.
All this should serve as a reminder to us all that email based malware is out there, and sometimes they can look pretty darned enticing.
Breaking news isn't going to get distributed by random email from people you've never heard of. And even if it is from a familiar name, it's still best to avoid it. There are plenty of places on the web where you can go and ask for the latest headlines. Not only will they be accurate, but they won't infect your computer with who knows what.
I'd love to hear what you think. Visit askleo.info and enter 11087 in the go to article number box and leave me a comment. While you're there, search over 1,000 technical questions and answers on the site.
Till next time, I'm Leo Notenboom, for askleo.info.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.