SECURITY TO THE CORE

hi5 Spam Invites Users to Download a Malicious Worm


Recently I’ve received some spammed messages that purported to be from hi5, “a global destination where young people meet and play.” The site claims to have more than 50 million monthly visitors and to be the third largest social media site in the world. Its a kind of social networking site like Orkut, facebook etc.

The bogus email asks users to add its sender to their lists of friends just like any normal social-networking invitation. What is odd about this email, however, is that it first asks recipients to download and open an attachment, which supposedly contains an invitation.

Inexperienced  users who are tricked into downloading and opening the compressed file (Invitation Card.zip) end up executing a malware detected as WORM_PROLACO.AA instead of an invitation. The attachment contains a file named Document.htm. However, upon closer examination by expanding the Name column in the window, users will discover that the supposed .HTM file is really a .EXE file which is malicious.

The social-engineering technique used in this spam run is probably one of the oldest tricks in the “Spammers’ Handbook,” if there is one. This is precisely why users are always reminded to be wary of opening email messages from people they do not know and to scan file attachments before downloading them onto their systems.

I request my readers and other internet users to use caution when opening email and downloading attachments from senders they do not know..

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s