I got Spam?!

The latest phishing attack involves an official looking government message from the National Payroll Consortium that claims that the recipients' employer has been caught attempting to fraudulently lower workman's compensation costs. It asks that the recipients fill out an attached form and fax it to NPRC's fraud department. However, the attachment actually contains a Trojan with a malicious file. The NPRC has posted an advisory on its website warning visitors of The Scam.
"This email was NOT sent or authorized by NPRC, and is NOT associated with NPRC. It likely contains malware or viruses that could harm your computer if you click on any links contained in the email or open any attachments," the advisory states.
The attack was spotted by Websense, a web, data, and messaging security firm.

"Social engineering attacks will always be successful. They're banking on how users handle a particular scenario," said Stephan Chenette, Websense Security Labs manager. "In this particular case it was quite successful."

• GFI Adds Support for January 2008 Microsoft Security Updates
• Spammers Use Lunar Eclipse to Deliver Malware
• Spam Reaches Record Levels
• SPAM, Viruses and the Blacklisting of Exchange Servers
• Hackers Attack Anti-Virus Site
• Phishing Sites Now Using the Storm Worm Botnet
• Spammers top 10 report: US Leading the Axis of Evil!
• Security Software Industry Takes First Steps Towards Forming Anti-Malware Testing Standards Organization
• End Of Year Security Wrap Up for 2007
• Using Throttling and Traffic Shaping to Fight Spam
• Japanese Spammer Accused of Sending Over 2 Million Spams
• Botnet Source Code For Overachievers
• Spikes In Spam Put Your Business at Risk
• Judge Orders End to Weight Loss Spam Organization

Filed under: Phishing Tags: by admin Date 12 January, 2008