Viral Pandemonium

Virus: Two prevalent worms

On Saturday Sophos released notification of W32/Mytob-EY, a fast-spreading, email-based worm. This notification follows a week after notification about W32/Sober-P which also uses email as a vector. Sophos has updated their anti-virus protection to identify these worms but, as always, be careful when viewing suspicious email messages.

Another phishing schemer

It's really quite simple: Don't click on links in emails!

In the IS Connection blog Jack has written about the practice of phishing, sending emails that appear to come from legitimate institutions--eBay, major credit card companies, etc.--and urge readers to enter personal information into an online form to "verify their identity."

One recent example of the genre is a an email purporting to be from the National Credit Union Administration--"the federal agency that charters and supervises federal credit unions...across the country. The email talks about "security measures" and urges readers to "fill in the form...to complete the verification process." It sounds good, but the email is completely bogus.

(keep reading...)

Virus: Bofra-B

Bofra-B is a dangerous virus that combines phishing [IS blog] techniques with code that exploits a recent vulnerability in Microsoft Internet Explorer. The virus spreads via emails claiming to document a PayPal purchase and tricks users into clicking a link within the document. Clicking the link can infect an insecure computer.

As a general rule, never click on links within emails claiming to concern financial transactions. Instead, note the name of the site and enter that name into the address bar of your browser. Virus writers and phishers often conceal links to illegitimate sites within seemingly innocuous links--don't trust what you see. (keep reading...)