The malicious email consists of a graphical image

Aug 30, 2006 15:02 GMT  ·  By

Australian computer users are targeted by a new breed of malware attack that is mirroring image spam techniques, revealed Sophos in a press release. Malicious emails - using the same modus operandi as image spam - contain an embedded image resuming the message rather than actual text. The social engineering scheme implements erotic incentives as Vicky Willington, a college girl, is looking for a sex partner. The potential victims are directed to a malicious website via a URL address comprised in the message.

"This malware attack is particularly interesting because it borrows techniques commonly used by spammers. The message body is image only - whereas Trojans are more commonly distributed as text only or text with embedded images," said Graham Cluley, senior technology consultant at Sophos. "The image in the email contains random noise to sidestep signature-based detection - a technique normally seen in medical or stock spam campaigns. Also, the subject matter is similar to 'pretty girl' spam campaigns that we see - but normally they send text spam rather than image spam, and urge the recipient to reply via email rather than visit a website."

The malicious emails present no hyperlink, but simply an URL that requires actual typing. The Website it points to contains a pornographic image and an additional link to the Troj/Dloadr-AMA Trojan horse.

"Because these emails solely consist of a graphical image there is no link for the user to click on," explained Cluley. "You can't visit this website by accident, you have to want to find out more about Vicky and enter the website URL manually. Some might believe that those foolhardy enough to look for a sex partner on the web get everything they deserve. The best defense remains to protect yourself with up-to-date security products and a healthy dose of skepticism about unsolicited email."