Is there a patron saint of computer users? There should be.
Well, whoever they might be, we should give thanks to them that time and time again hackers make elementary mistakes that mean (if we keep our wits about us) we can avoid our computer becoming infected.
Take this Spanish-language email which has been spammed out, for instance, claiming to point to an update for the Adobe Flash Player:
At first glance the email may look legitimate enough to any Spanish computer users receiving it in their inbox. The subject line reads “Ya hay disponible una actualizacion de Adobe Flash Player” which translates as “An update is now available Adobe Flash Player”.
But look a little more closely and you’ll see that twice in the email “Adobe” is misspelt as “Adoble”. Which I must admit makes me think more of the Spanish Paso Doble dance than the vendor of a web plug-in.
If you did make the mistake of clicking on the link embedded inside the email then you are taken to a webpage that exhorts you to download a fake update to Adobe Flash which Sophos detects as Mal/Behav-359:
Again, there’s more evidence of spelling sloppiness on the part of the hackers. See that last sentence? They’ve spelt it “requiered” rather than “required”. It’s an elementary mistake, but should ring alarm bells in your head if you’re looking out for signs that something suspicious might be going on rather than desperately downloading an update.
So how do these tiny clues and mistakes manage to sprinkle themselves into a hacker’s attack? Is there some divine intervention that is ensuring that so many cybercriminals keep making daft errors, putting a spanner in the works, and helping to tip off potential victims? Whatever the reason, I hope it continues for as long as there’s a malwre problem.
Of course, the lesson all computer users need to learn is that you should always be suspicious of unsolicited emails and always visit the vendor’s own website for legitimate updates to the likes of Adobe Flash.
Update: Julio Canto of VirusTotal has been in touch, informing me that the Spanish used in the email is of very poor quality, and so was probably created by an automatic translator.
Thanks also to Tom Meersschaut of Impakt in Belgium, who informs me that there is a patron saint of computer users! Saint Isodore of Seville.
Marvellous! You can always rely on Clu-blog readers to fill in the gaps. :)