Symantec 26 日公佈發現一種社交工程垃圾郵件 (Social engineering spam) ,郵件冒以網絡安全軟件公司名義,提醒用戶下載並執行附加檔案,以更新該防護軟件由於近日網絡上不斷出現類似 Cryptolocker Trojan 等木馬程式,用戶普遍擔心現有安全軟件未能探測所有病毒,所以不會對這些電郵更新提示產生懷疑,在未經仔細考慮下便進行下載並更新。
以下是發現偽冒安全軟件公司名義發出的電郵及相關標題,提醒用戶為軟件升級︰
AntiVir Desktop: Important System Update - requires immediate action
Avast Antivirus: Important System Update - requires immediate action
AVG Anti-Virus Free Edition: Important System Update - requires immediate action
Avira Desktop: Important System Update - requires immediate action
Baidu Antivirus: Important System Update - requires immediate action
Cloud Antivirus Firewall: Important System Update - requires immediate action
ESET NOD32 Antivirus: Important System Update - requires immediate action
Kaspersky Anti-Virus: Important System Update - requires immediate action
McAfee Personal Firewall: Important System Update - requires immediate action
Norton AntiVirus: Important System Update - requires immediate action
Norton Internet Security: Important System Update - requires immediate action
Norton 360: Important System Update - requires immediate action
Symantec Endpoint Protection: Important System Update - requires immediate action
Trend Micro Titanium Internet Security: Important System Update - requires immediate action
雖然電郵標題有所不同,但含有惡意軟件的附加檔案卻沒有改變,一旦檔案被啟動,便會即時連接到 networksecurityx.hopto.org ,自動下載另一個惡意軟件。
Symantec 提配用家在開啟不明電郵或社交網站上的連結時,必須提高警覺,避免開啟任何可疑連結,避免開啟任何來歷不明的檔案,回覆電郵時,不要提供個人資料。
.黑客郵件冒安全軟件升級通知 不少用戶未經考慮執行附件中招 數碼新聞,
http://digital1010.blogspot.com/2013/11/blog-post_6719.html
