Malware spammers pose as private eyes

A new malware outbreak, spread through emails claiming to be from private investigators, has been found by Commtouch, an Israeli security firm that specialises in protecting email integrity.

According to the company, the emails tell recipients that a private investigator has been recording their phone calls and that an audio file of one of the calls is attached to the message. When unwitting recipients download the "call" to their hard drives, their computers become infected with malware.

Rebecca Steinberg Herson, Commtouch's vice president of marketing, said: "Preying on people's guilty conscience with a virus is an ingenious trick of social engineering.

"The email messages are written generically enough to fit almost every possible transgression one might wish to hide, ensuring people will open the attachments."

Some common subject headings for the malware emails include "I'm monitoring you", "You're being watched" and "The tape of your conversation". Commtouch says that the malware is sent in the form of a password-protected, compressed file that appears to be an MP3 sound file.

While Herson says she doesn't know the particular nature of the malware, she suspects that it isn't meant to overtly damage most computers but rather to get information from them or turn them into zombie machines.

"Nobody's bothering to create malware to wreak havoc with the machines anymore," she said. "Instead, they're creating malware that is stealthy and can steal information like passwords through mining information on hard drives."

Herson noted that the private detective malware emails employ tactics similar to the early Storm worm malware emails. Those particular emails purported to be news alerts that lured recipients into inadvertently downloading malware by enticing them with sensationalist headlines such as "Chinese missile shoots down USA satellite" and "230 dead as storm batters Europe".
