CudaMail Solutions

 Thursday, June 19, 2008
CudaMail protects customers from new Storm Worm.
Thursday, June 19, 2008 11:15:26 AM (Mountain Daylight Time, UTC-06:00) ( Anti-Spam | Barracuda Spam Firewalls | CudaMail | Phishing Scams | Spam | Spam Filtering Service | Spam Stats | Threats )
The US-Cert is warning people about a new storm worm surge that is taking advantage of peoples interest in what is happening in China with both the recent earthquake and the Olympics foremost on people's minds.

Of all the messages processed recently by CudaMail with the words 'China' or 'Olympics' in the subject line we were able to block, quarantine or tag this new spam surge with only a handful of them getting through to our customers. This was while at the same time allowing the legitimate messages through as some of our customers do a brisk business with partners in China and will not stand for false positives.

 
The warning from US-Cert is included below so you can see some of the variations of subject lines that are being used but this is not a complete list as the storm worm continues to change the subject line and links to try and evade the anti-spam measures in place such as CudaMail.

 - Shaun

US-CERT Current Activity

New Storm Worm Variant Spreading

Original release date: June 19, 2008 at 11:23 am Last revised: June 19, 2008 at 11:23 am

US-CERT has received reports of new Storm Worm related activity. The latest activity is centered around messages related to the recent earthquake in China and the upcoming Olympic Games. This Trojan is spread via an unsolicited email message that contains a link to a malicious website. This website contains a video that when opened may run the executable file "beijing.exe" to infect the user's system with malicious code.

Subject lines can change at any time, but the following subject lines are noted as being used:

  * The most powerful quake hits China

  * Countless victims of earthquake in China

  * Death toll in China is growing

  * Recent earthquake in china took a heavy toll

  * Recent china earthquake kills million

  * China is paralyzed by new earthquake

  * Death toll in China exceeds 1000000

  * A new powerful disaster in China

  * A new deadly catastrophe in China

  * 2008 Olympic Games are under the threat

  * China's most deadly earthquake

US-CERT encourages users and administrators to take the following preventative measures to mitgate the security risks:

  * Install anti-virus software, and keep its virus signature files up-to-date.

  * Do not follow unsolicited web links received in email messages.

  * Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.

  * Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

US-CERT reminds users to beware of future phishing attacks that may target natural disasters and the Olympic Games.

Relevant Url(s):
http://www.us-cert.gov/cas/tips/ST04-014.html

http://www.us-cert.gov/reading_room/emailscams_0905.pdf

 ==== This entry is available at

http://www.us-cert.gov/current/index.html#new_storm_worm_variant_spreads2

Comments [0] | Trackback | # 
 Tuesday, May 20, 2008
Natural Disasters and Phishing Scams
Tuesday, May 20, 2008 9:11:29 AM (Mountain Daylight Time, UTC-06:00) ( Natural Disasters | Phishing Scams )
Fires and floods and earthquakes, oh my...

Great reminder from US Cert on protecting yourself from the opportunists that prey on the feelings and emotions of all when a natural disaster strikes. At times when your heart strings are being pulled on it is almost as if the brain get's switched off and this provides an opening for the scammers to strike and they will.

If you want to help out in a situation like this then go through the official channels and not allow yourself to be solicited via a message delivered in an e-mail even if it comes from one of your trusted friends or family.

- Shaun

> From the US Cert (Computer Emergency Readiness Team) Natural Disasters and Phishing Scams

Original release date: May 19, 2008 at 4:30 pm
Last revised: May 19, 2008 at 4:30 pm

In the past, US-CERT has received reports of an increased number of phishing scams that take advantage of natural disasters. Due to recent natural disasters, US-CERT would like to remind users to remain cautious when receiving unsolicited email that could be a potential phishing scam.

Phishing scams may appear as requests for donations from a charitable organizations asking users to click on a link that will take them to a fraudulent website that appears to be a legitimate charity. The users are then asked to provide personal information that can further expose them to future compromises.

Users are encouraged to take the following measures to protect themselves from this type of phishing scam:
  • Do not follow unsolicited web links received in email messages.
  • Review the Federal Trade Commission's Charity Checklist.
  • Verify the legitimacy of the email by contacting the organization directly through a trusted contact number. Trusted contact information can be found on the Better Business Bureau National Charity Report Index.

For additional information regarding phishing, US-CERT recommends reading the following documents:
  • Recognizing and Avoiding Email Scams (PDF)
  • Avoiding Social Engineering and Phishing Attacks

Relevant Url(s):

http://www.us-cert.gov/cas/tips/ST04-014.html

http://www.us-cert.gov/reading_room/emailscams_0905.pdf

http://www.ftc.gov/bcp/edu/pubs/consumer/telemarketing/tel01.shtm

http://charityreports.bbb.org/public/All.aspx?bureauID=9999

====

This entry is available at:

http://www.us-cert.gov/current/index.html#natural_disasters_and_phishing_scams

Comments [0] | Trackback | # 

About the author

Shaun Sturby, MCSE Shaun Sturby, MCSE
Technical Services Manager, and Optrics' point person for email security

  Navigation

Home
Archive
CudaMail.com
BarracudaNetworks.ca
Optrics Inc.
Shop.Optrics.com

  Search

  Tag Cloud

Adobe (1) Anti-Spam (24) April Fool's Day (1) Barracuda Central (2) Barracuda Networks (5) Barracuda Spam Firewalls (4) Barracuda Web Filter (1) Barracuda Website Firewall (1) Black Market (1) CudaMail (22) Disaster Planning (1) e-cards (1) False Positives (1) False Spam (3) Fast Flux (1) Fortinet (1) HydraFlux (1) Identity Theft (1) Illicit Trade (1) McAfee (1) Memorial Day (1) Microsoft Exchange (1) MX Backup (1) National Geographic (1) Natural Disasters (1) ORDB (1) Outlook Plug-In (2) PDF Malware (1) Phishing Scams (2) Postini (1) Regional Based IP List (1) Robert Soloway (1) S.P.A.M. (1) Secure Computing (1) Sophos (1) Spam (10) Spam Filtering Service (8) Spam Stats (6) SPF (2) SQL Injection (1) Storm Worm (1) Threats (13) US-CERT (1) Valentine's Day (1)

  Category Feeds

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

  Archive

July, 2008 (2)
June, 2008 (6)
May, 2008 (4)
April, 2008 (7)
March, 2008 (5)
February, 2008 (9)

  Blogroll

 BarracudaNetworks.ca
 Optrics.com
 Squidoo CudaMail Lens

RSS 2.0 | Atom 1.0 | CDF


Send mail to the author(s) E-mail Us

  Statistics

Total Posts: 35
This Year: 35
This Month: 2
This Week: 1
Comments: 5

CudaMail Blog Subscribe

Subscribe

Sign In


Technology Blogs - BlogCatalog Blog Directory
 

© Copyright 2008, Optrics Inc.