Fake H1N1 vaccine e-mail leads to malware

[DKT27]

Fake H1N1 vaccine e-mail leads to malware

The e-mail appears to be from the CDC but directs people to a fake CDC site that serves up a Trojan.

You can ignore that e-mail that looks like it comes from the U.S. Centers for Disease Control about creating a profile for an H1N1 vaccination program. It's a malware scam, according to security provider AppRiver.

The fake alert informs recipients that as part of a "State Vaccination H1N1 Program" they need to create a profile on the CDC Web site. The link in the e-mail goes to a fake CDC page where the visitor is assigned a temporary ID and a link to a vaccination profile that is actually an an executable file containing a copy of the Kryptik Trojan targeting Windows, according to an AppRiver

blog post on Tuesday.

Once installed, "this Trojan will create a security-free gateway on your system and will proceed to download and install additional malware without your authorization," the post warns. "It also enables a remote hacker to take complete control of your computer. This malware can log your typed keystrokes and send confidential personal and financial data (including banking information, credit card numbers, and website passwords) to a remote hacker."

AppRiver said it was seeing the fake CDC e-mails at a rate of nearly 18,000 messages per minute, reaching more than one million, in the first hour alone.

This screen shot shows the fake CDC Web page that is distributing the Trojan.

Source -

CNET

[Ambrocious]

And so is this website an actual .gov site? Are normal people suppose to own rights to .gov sites? If no then this is not only a scam, but a governmental scam as well. It's not like the government won't scam us in order to make some money, just look at Al Gore and now go read up on Climate Gate. Man made global warming was a scam created by Al Gore and Ken Lay, the previous CEO of Enron. And now they expect to tax the world on CO2 which is what plants use to create oxygen??? Insanity!

[HX1]

Well the text on that link can say anything you want it to but the code and link itself can be different.. Much like a Phishing scam.. all looks well.. may even be an exact copy but take you all sorts of other places.. do things in the background, upload malicious temp files..on and on..in other words profess to be .gov.. but really isn't..checking the links.. and URL's always a good idea..

[DKT27]

Well Ambrocious, when I posted the article, I was knowin that you would be the first one to comment on it. And same happened.

ANW what heath wrote is true. Things are quite different in the email address and weblinks than we can see. As I've mentioned before, there are many ways of Phishing, one way, if you open a site, you will see the exact original address in the search bar, but no it isn't the real one. Your host file has been modified and then phished so that what you open seems legitimate.

[Ambrocious]

Yeah, I'm aware that the actual address could be different and NOT a government web site. I just was wondering if IT ACTUALLY WAS a government address or not or if it just said it was.