Through an infected Word document

May 22, 2008 06:28 GMT

Since the 7.9 magnitude earthquake hit China on May 12, hackers, spammers and fraudsters around the world have been attempting to exploit the tragedy by developing new earthquake-related attacks that could trick vulnerable users into giving up their information or letting attackers into their computers. Today, security company Sophos warns that a new scam has been detected on the web, as a new wave of attacks propagates by email.

The entire attack relies on a spam message which arrives in users' inboxes and claims to contain fresh news reports about the Chinese earthquake. "BEIJING, May 20 (Xinhua) -- The death toll from the earthquake in southwest China's Sichuan Province has risen to 34,074 nationwide as of 2p.m. Saturday, while 198,347 people were injured, according to the Information Office of the State Council. Pay attention to attachment for more," the text of the email reads, according to Sophos.

Recipients are asked to download the attached Word document to find out more about the topic. However, downloading and opening the file silently drops the Troj/MalDoc-Fam Trojan horse, without any notification to the user.

"Over the last few weeks, we've already seen several examples of cybercriminals trying to exploit the natural disasters suffered by China and Burma, and it seems there's no end to their tactics," said Graham Cluley, senior technology consultant at Sophos. "To avoid falling victim, computer users need to use their common sense and not open emails from people they don't know. By deleting them straight away, you're cutting the fraudsters off before they even have the chance to trick you into giving them money as they pose as victims of the tragedy, or try and install malware on your computer."

As a further piece of advice, users should ignore such messages, apply the latest virus definitions for their anti-virus software, and install the newest updates for their operating system and the other applications on the computer.