Sophos has reminded computer users to be wary of unsolicited e-mails posing as breaking news reports, following the widespread distribution in Australia of a malicious message which claims that Prime Minister John Howard is fighting for his life after a heart attack.
The e-mails pretend to be a link to a news story from The Australian, a daily newspaper, and start as follows, "The Prime Minister of Australia, John Howard have survived a heart attack. Mr Howard, 67 years old, was at Kirribilli House in Sydney, his prime residence, when he was suddenly stricken. Mr Howard was taken to the Royal North Shore Hospital where the best surgeons of Australia are struggling for his life".
The fake news story points to a website containing malicious code. Clicking on the link takes users to a webpage which downloads malicious code to their PC, and then displays the real '404 page not found' error page used by The Australian on news.com.au. The viral code attempts to steal online banking usernames and passwords from web surfers, Sophos said.
John Howard is the latest in a long line of public figures to be used as bait by malware authors and hackers. Politicians such as Russian President Vladimir Putin, Former British Prime Minister Margaret Thatcher, Ex. US President Ronald Reagan, California Governor Arnold Schwarzenegger, Former US President Bill Clinton, President George W Bush and former South African President PW Botha have been have been used in the past. Furthermore, the promise of glimpses of glamorous pin-ups like actor Halle Berry, former Russian tennis player Anna Kournikova, actors Julia Roberts, Jennifer Lopez, singer Britney Spears or the stars of 'Sex and the City' have previously been used to help viruses spread.
"It seems the hackers are back to their old tricks of spamming out sensational headlines in the hope that computer users will forget to think before they click, and visit the website hosting the malignant code," said Graham Cluley, senior technology consultant for Sophos. "The scammers have registered several domain names that appear to be associated with 'The Australian' newspaper, and have gone to effort to make people think that they really are visiting the genuine site by pointing to the real error page. Everyone should be on their guard against this kind of email con-trick, or risk having their PC infected."
|
