March 16, 2009 12:02 PM PDT

Scammers customize news to deliver you malware

by Elinor Mills
  • Font size
  • Print
  • 5 comments

Security experts warned on Monday of a new insidious e-mail scam that features false information about a bomb explosion in the recipient's hometown and leads to a malicious Web site.

The subject lines include "Take Care!" and "Are you and your friends in good health?" The e-mail includes a link to what looks like a news article on a Reuters page about the bombing. But the Web page and the news are fake, according to e-mail security provider Marshal8e6 and antivirus firm Sophos.

The scammers are using IP address geolocation techniques to figure out what city the recipient lives in and are localizing the fake bomb news to that location.

Meanwhile, clicking on the fake Reuters video page leads to malicious Waledac code being downloaded on the computer, the security firms said.

Earlier this year, the Waledac worm tricked people with fake Valentine's e-mails.

The fake page circulating now also includes Wikipedia and Google search links as "Related Links" at the bottom in an attempt to make the page look legitimate. However, missing words in the text of the story and poor grammar are giveaways that the page is fake.

Attackers are using IP address geolocation techniques to tailor fake news to the home town of the e-mail recipient in the latest Waledac scam.

(Credit: Marshal8e6)

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

News,

Vulnerabilities & attacks

Tags:

Waledec,

worm,

scam,

localized,

Reuters

Share:
Digg
Del.icio.us
Reddit
Recent posts from Security
More attacks expected on Facebook, Twitter in 2010
GSM crypto code cracked, engineer says
Web-based Lookout protects mobile devices, data
Hackers claim to crack Kindle copyright armor
Using Facebook and Twitter safely
Report: FBI investigating Citibank cyberattack
White House appoints cybersecurity chief
So, is it safe to tweet now?
Related
Scammers exploit Google Doodle to spread malware
Using Facebook and Twitter safely
Fake CDC vaccine e-mail leads to malware
Google sues over alleged work-at-home scams
McAfee uncovers riskiest domains
Week in review: Old faces in new places
How low can online scammers go? (BlogsPipeVerification)
How low can online scammers go? (BlogsPipeVerification)
Add a Comment (Log in or register) (5 Comments) (5 Comments)
advertisement

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET