Scammers customize news to deliver you malware

Latest Waledac scam fakes bomb news in e-mail recipients' hometown and then links to malicious Web site that looks like a Reuters article.

Security experts warned on Monday of a new insidious e-mail scam that features false information about a bomb explosion in the recipient's hometown and leads to a malicious Web site.

The subject lines include "Take Care!" and "Are you and your friends in good health?" The e-mail includes a link to what looks like a news article on a Reuters page about the bombing. But the Web page and the news are fake, according to e-mail security provider Marshal8e6 and antivirus firm Sophos.

The scammers are using IP address geolocation techniques to figure out what city the recipient lives in and are localizing the fake bomb news to that location.

Meanwhile, clicking on the fake Reuters video page leads to malicious Waledac code being downloaded on the computer, the security firms said.

Earlier this year , the Waledac worm tricked people with fake Valentine's e-mails.

The fake page circulating now also includes Wikipedia and Google search links as "Related Links" at the bottom in an attempt to make the page look legitimate. However, missing words in the text of the story and poor grammar are giveaways that the page is fake.

Attackers are using IP address geolocation techniques to tailor fake news to the home town of the e-mail recipient in the latest Waledac scam. Marshal8e6

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

Delete your photos by mistake?

Whether you've deleted everything on your memory card or there's been a data corruption, here's a way to recover those photos.