Sophos Cloud Optix
It’s 8:30am. You stumble into work half asleep and slouch at your desk. You boot up your computer.. tick tick tick. It runs its system diagnostics and you see the Windows logo lurch into view.
Umpteen programs (half of which you’ve forgotten what they do) start up in your system tray, and you automatically click on your email inbox. More whirring, wheezing and hissing..
Slowly your inbox comes into view and you find an email, from a young woman called Emily.
Subject: nake pics as you've requested
Message body:
I am hungry for sex. If you feel the same then take a look at my picture I am attaching to this email and reply back so we could hook up.Attached file: pic.scr
Suddenly you perk up! Bonjour!
It’s a trick as old as time, of course. Unsolicited emails, arriving out of the blue, offering you pictures of the sender’s naked wife, a nude picture of Jennifer Lopez or a school sweetheart with pigtails, but really delivering a sting in the tail.
In this latest case, the attachment carries a Trojan horse – Troj/FakeAV-IU – which attempts to scare you into buying a fake anti-virus product.
Come on guys, it’s 2011. We should all be smart enough not to fall for tricks like this anymore. You should always be asking yourself why is someone sending this to me? Do I seriously imagine that a complete stranger is going to seek me out as a sexual partner over the internet, sending me photos of herself naked, despite never having communicated with me before?
Computer technology is becoming more sophisticated all the time, but it seems that their users are still neanderthals when it comes to being duped by simple social engineering tricks like the promise of naked pictures.
You're right, it is 2011. So you would think the virus creators would've given up on these tactics. Sure it will still work on some users but most know better. Sophos normally would catch attachments like this anyway like most antivirus software out there. Spyware/Malware is still the headaches we encounter on a daily basis.
This is a very good tactic, with anonymous chat sites like Omegle, people really are trolling the internet for sex. If they send out 10,000 of these e-mails chances are they're going to hit one or two, maybe far more than that, of the sick perverts lurking on chat sites asking lots of girls for pics (which they will not remember the names of) and this would be a normal thing in their inbox, probably nestled amongst several real people sending pictures.
Of course they will hit those that never asked for pics either but would never pass up free pornography that know nothing about the dangers of attachments are exactly the people they want – because they'll hand over their hard-earned cash to buy the fake anti-virus.
If people didn't fall for this stuff then the scammers wouldn't do it, but because they still are then yes – people really *are* that stupid.
Even if someone was expecting naked pictures… a .scr file? Really?
There's probably a lot of non-technical folks out there who don't pay too much attention to a file's extension, and wouldn't realise that a .SCR file normally represents a Windows screensaver (and is thus executable).
Plus by default Windows hides extensions for known file types! One of the options I always turn off, and advise other people to do the same…
True, but Outlook (and even Gmail) show the whole file name with extension of an attachment. So Windows may not show it by default, but you'd have to see it before you opened/downloaded it.
Thank you very much for mentioning that fact, about an .SCR file being executable. Although I knew to turn off the Windows feature to hide extensions for known file types as mentioned by Alan, I never knew to be leery of .SCR files.
I just passed that information on to a friend of mine who collects screensaver files, and she said thank you too.
One question: would a virus scan of the file help, or not really, because it would execute and do its damage before it could be scanned?
Thank you!
"Bonjour!" Love it… Excellent article.
Hi Graham ,
Nice article , I think most of the people are aware now of spams and attachments , But I think people should more focus on the source from where it has arrived then on the attachment as they can be deceived by it but by knowing or doing a little bit of research before opening attachment or links in the mails , it can help the users to remain protected.
Moreover people on MAC platform have this thought that they are very secure and they don’t need a security software.
On this front Sophos initiative to give free anti-virus is great boost to the confidence and in spreading awareness among the people the safe era is gone ..now its the mean era ..where no one is safe enough ..until have the Security wall in place.
I think we should take the initiative to spead this to the masses to get better educated and Facebook is the best tool as of now 🙂 but @ the same time scams over Facebook put a dent in the process. But via strategic point of view .social media is a great tool in this.
Thanks for sharing.
I will also be writing over some kind of similar but a technical stuff over my blog to spread the news.
Regards,
Vivek
In this particular case, the malware is Windows-specific. Users of Mac OS X won't get infected by this one.