malicious spam warns of nuclear explosions

[TrafficProducer]

By Shaun Nichols in San Francisco VNU Net - Friday, September 12 11:58 pm

A new outbreak of malicious spam is attempting to lure users by telling of nuclear explosions in nearby regions.


Security firm Sophos has found the attacks circulating in the UK and Australia, while users have also reported a version of the spam localized for Canada.

The UK version of the message claims that the explosion occurred at a " United Kingdom nuclear power station located in the suburbs of London" at roughly 3pm on September 9th.
The message then goes on to claim that the incident is being covered up and that photos of the victims' bodies are in the attached file. When the user opens the "victims. zip" file, a malware infection is launched. Amongst the malicious payload is spyware and data-stealing malware.
Sophos senior technology consultant Graham Cluley said in a company blog posting that in addition to updated software and anti-virus protection, users should follow best practices of not opening the suspicious attachments.

"Rather than use a real life event, the hackers have turned to fictional explosions and conspiracy theories in the hope they will strike a nerve with potential victims who will then click on the attachment without a second thought," he wrote.

"Alarm bells should be sounding, but until everyone wakes up to these social engineering tactics, the cybercriminals will continue to use them"

Fabricating news stores is becoming an increasingly common tactic for distributing malware. Earlier this year, a high-profile spam run centered around stories of the US launching an attack on Iran.
The infamous Storm worm also made use of fake news. The malware botnet attempted to lure in new victims through reports of earthquakes in Paris and the kidnapping of Donald Trump.

First viewed here