Sober storms over IM, Yahoo Messenger
Date: December 05, 2005Source: axcessnews.com
The Sober-Z worm sends itself as an email attachment and attempts to turn off security software on the user's computer.
The worm lures innocent computer users into opening its infected attachments using a variety of tricks that include posing as an FBI or CIA agent with attached questions to be answered, and a phoney offer of Paris Hilton and Nicole Richie video clips from 'The Simple Life'. Instead, in the case of every Sober-Z attachment, the zip file contains a copy of the worm with the filename File-packed_dataInfo.exe. The worm then scans the user's hard drive for other email addresses, in its search for other computers to infect.
TrendMicro warns over phishing scam that targets Yahoo! Photos.
In the past week, much attention has been given to the Yahoo phishing scam that is advertised through instant messenger via Yahoo Messenger. The aim of the phisher is to entice a user to click on the given link and provide personal details by logging in through the spoofed Web site that it opens.
The IM arrives with the following text:
http://www.geocities.com/oxox0o_angel_oxox0o/ ^:)^ guess where this pic was taken and guess who is behind me in the picture
or
http://www.geocities.com/oxox0o_cary_oxox0o/ ^:)^ guess where this pic was taken and guess who is behind me in the picture
The spoofed Web site bears a close resemblance to the legitimate Yahoo! Photo’s online login page, and the phishers made no attempt to disguise the Phishing URL in the address bar. The page is hosted by Geocities so it is possible for user's to determine that the Web site is not legitimate. The Phishing Web site asks the user for a user name and password.
Upon clicking on the Sign In button, the gathered information is then sent to the email address:
[email protected] that can be found at the page source of the phishing web site, http://www.geocities.com/oxox0o angel oxox0o/.
Original article
Add comment
Email to a Friend
