Internet Security News & Views

Omniquad warns: Fake CNN and BBC News Alerts point to MALWARE!

Internet criminals have come up with a new way of distributing malware through email campaigns, they send breaking news emails from  some popular news site likes CNN and the BBC. The emails are piggybacking on popular news or current affairs. The email links take victims to malicious websites containing malware.

Detailed Analysis of Emails claiming to be from CNN News or BBC News:

Emails purporting to be CNN notifications suggest the victim to click on a link to read the breaking news stories pertaining to the pope.

These emails are not sent from CNN, and also links don’t open any CNN news articles.

The messages include seemingly official CNN graphics and formatting. However do not click on  the link, because if you do so, you will infect your computer with a Trojan horse.

"Pope could be sued over Child Abuse Claims" Fake CNN News Email

The email says: Click the Following to access the sent link:

Pope ‘could be sued over child abuse claims’ Exclusive! – 

Any news story involving the new Pope Francis, as head of the Catholic Church, is bound to grab headlines, especially if it is scandalous.

Omniquad Security Research Labs found that the endpoint URL contains a criminal toolkit known as the BlackHole Exploit Kit. BlackHole is a web application used by criminals to exploit browser vulnerabilities as a means of downloading and installing Trojans and other types of malicious software into victim computer. Victims who fall for the ruse and click links in these messages may inadvertently install a variety of information stealing malware on their computers.

During our research, we found that some versions automatically redirects victim to the genuine CNN website once the fake webpage has been loaded and attempted to deliver its payload.

 Fake BBC News email with Malware link

Here are some of the other email subjects that claim to be from the BBC.

BBC-Email: USA government decided to follow Cyprus and rise deposit taxes!!!

BBC-Email: Cyprus already confirmed one time tax withdrawal TODAY!

BBC-Email: Cyprus Bank-Levy Passage in Doubt as EU Shows Aggression

BBC-Email: Cyprus banks shut extended to Monday

BBC-Email: Cyprus can amend bailout terms

BBC-Email: Cyprus decided to rise bank tax up to 15% for Corporate sector

BBC-Email: Cyprus effect on stocks likely long-term

BBC-Email: Cyprus government today accepted one time bank tax withdrawal but higher than expected

BBC-Email: Cyprus races to rework savings tax after closing banks till Thursday

BBC-Email: Cyprus rises tax value and confirmed one time withdrawal!

These are all very topical subject lines referring directly to current events.

If an email contains a link and you’re unsure whether it’s legitimate, hover over it with your mouse to see what address it directs you to. Also look out for confusing Alt Tags which may take your attention away from the bottom left corner when you hover with the mouse on the link. Even if the Alt Tag should say “BBC News” or “CNN”, unless the domain referred bottom left is also CNN or BBC, don’t click!

Be alert for clicking /opening links or attachments in unsolicited emails, even if they appear to come from a legitimate organization.

Omniquads Mailwall Remote cloud email filtering solution stops emails such as these for our clients. Our cloud web filtering solution Surfwall Remote blocks malicious links containing malware.

How to Protect yourself from email frauds.

  • Never click on Hyperlinks within emails, instead, copy and paste them into your browser.
  • Do not open any file attached to the email.
  • Always look for “https://” and padlock on web sites that require personal information.
  • If you didn’t initiate a transaction to which an email is referring, it’s probably a scam.
  • Never respond to spam / suspicious email or emails from unknown senders.
  • Do not supply your personal / Bank account information to strangers, they are most likely scammers.
  • Use spam filtering  software.

– The Omniquad Security Team

Tagged as: , , , , , ,

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Follow blog to be notified of new posts by email.

Recent Comments

Sunrise104 on MovieStarPlanet – Not ju…
%d bloggers like this: