Monday, September 27, 2010

PCWorld.com - Malicious HTML In E-Mail Increases

PCWorld.com - Malicious HTML In E-Mail Increases

John E Dunn, Techworld.com
Sep 26, 2010 10:02 am

Spammers have suddenly cranked up the use of malicious HTML file attachments in recent days, according to security company Barracuda Networks.

Using a number of search engine optimization-driven subject lines, the latest campaign tries to get recipients to click on "harmless" HTML attachments which launches an obfuscated Javascript attack that sends users to a variety of websites peddling everything from bogus CODECS to pharmacy.

One in particular, a standard advertisement for fake antivirus software, installs a back door -- even if the browser is closed so by the time the HTML file has been clicked it is already too late. (See also "How to Spot an E-Mail Scam.")

The only defenses against this sort of attack are either for it to be filtered at the gateway so it never reaches the user, or for the user to disable Javascript in their browser. Security software on the PC might catch the exploit.

Spam built around HTML is nothing new, but does seem to have become a hot technique in the last year or so with some spammers. A popular variant is the bogus "Delivery Status Notification Failure," a sneaky way to get the attention of a user without arousing suspicion.

More recently still, the spammers started embedding the Javascript inside the HTML file (rather than as a simple file attachment), to spread the horrible Zeus banking Trojan.

"So yes, a seemingly innocent HTML email attachment can do plenty of damage, and while quite stealthy, definitely not harmless," concludes Barracuda Labs' researcher, Dave Michmerhuizen.

Since attachment attacks became a favorite tactic, spammers have tried almost every common format in existence, sometimes moving to obscure ones in an attempt to get around spam filters.

No comments:

Post a Comment

Related Posts with Thumbnails

Please Consider A Donation If This Site Was Helpful OR Pay By Google Checkout OR Pay By PayPal

NHSNOLA@Gmail.com/Neighborhood Home Services Is My PayPal Account

Emsisoft a-Squared AntiMalware Online Scan

Secunia OSI - Online Software Inspector - Scan for outdated software on your computer.

If the "Scan PC" button isn't showing, scroll down on the right of this Secunia OSI section OR click this link... http://secunia.com/vulnerability_scanning/online/

FlagCounter Added August 22, 2010

free counters

Followers