Breaking Into Your PC: News...

You'd better learn news from media, not from emails, security experts warn us users again.

Numerous emails with "breaking news" in subject lines are appearing in users' inboxes. If you got one, don't look into such a message -- delete it straight away. Don't open its attachment. Those who distribute malicious code take advantage of our curiosity. They use especially effective social engineering techniques to lure users into opening attachments and following links.

Is there anybody who wouldn't like to be the very first one to learn breaking news or see something really exciting? For example, something like:

"Osama bin Laden caught",
"Saddam Hussein has died",
"Michael Jackson tried to commit suicide".

Would you like to open a message with such a subject line and learn what's in it? You'd better not. There are malicious programs inside these "news" waiting for you to click.

These (and similar) tricks are usually called social engineering. Online criminals have become good psychologists. They are ingenious in finding new ways to make people do what they want -- open an attachment or click on a link to visit a certain website. For these unprincipled rogues it's all right to profiteer from human tears and blood -- they actively use news about tragic events as a bait.

One of the latest, detected by Trend Micro in mid-July, was a spam e-mail with "TERROR HITS LONDON," subject line. It mimicked a CNN newsletter and asked the recipients to "see attachments for unique amateur video shots." When a user opened the attachment, his PC gets infected with the Trojan horse program named Troj_DonBomb.A

On August 5th another one was reported by Sophos-- an email disguised as an alert about the death of 140 US marines in Iraq. The email claims to contain a breaking news report from Guardian Unlimited and has a link to the "full story" which leads users to a bogus web page with two Trojans built in.

Cgab-A and Borodr-Fam Trojans slip through unpatched Internet Explorers. These Trojans will allow the criminal to take full control over the infected PC; they also be collecting the user's personal information and using his computer to send more copies of thesmselves.

It's not the first time these emails are disguised as news alerts -- there were outbreaks when infected spam posed as CNN news. It seems that spoofing legitimate news agencies to infect more PC users by means of bogus "news alerts" has become a popular social engineering technique. And by all means there will be more of them in future.

So, it's better not to learn any news from e-mail messages. Try to resist the temptation to open email with some REALLY BREAKING NEWS.

Don't open, don't click. And patch your browser.

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various solutions for information security. The company's R&D department created an innovative technology, which disables the very processes of information capturing -- keylogging, screenshoting, etc. It makes the company's anti-spy software truly unique: it doesn't detect spy programs or information-stealing Trojans one by one -- they all simply can't work.

Learn more -- visit the company's website anti-keyloggers.com