Monday, December 24, 2012

Don't Have a Malware Nightmare Before Christmas

This is not a Santa Clara-particular post. But it is important. There's a new e-mail phishing scam going around. And the thing about this one is that I might have gotten caught except for the fact that I have a Mac -- Windows .exe files won't run on a Mac. So even if it's downloaded, it can't install or run. 

(I'm sensitive about this because last Christmas our debit cards and passwords were stolen by a "skimmer" who sold the numbers to someone in Los Angeles. Someone who liked to shop at Juicy Couture -- a dead giveaway. If it had been Talbot's or Macy's I might not have caught on as fast.)

This latest scheme is very convincing: You get an email purportedly from the USPS or FedEx telling you that your package was undeliverable and instructing you to click on the receipt. 

Around Christmas who isn't expecting a package? 

According to

"The message is not from USPS. The claim that a package delivery has failed is untrue. The message is an attempt by online criminals to trick users into downloading and installing an information stealing trojan. The link in the scam email points to a compromised website that will automatically download the malicious payload to the victim's computer. If the victim then proceeds to run the downloaded .exe file, a trojan will be installed. Typically, once installed, these trojans can steal sensitive personal information from the infected computer, make connections with remote servers operated by online criminals and download further malware components." 

Best idea? Don't click on anything 'til, like Santa Claus, you check twice to see if it's naughty or nice. 

No comments:

Post a Comment