14 DAY TRIAL // I must begin by saying there's no reason to worry about, there's no nuclear power plant in Amsterdam, so it's only a weird spam prank. So, here it is: Roderick Ordo?ez of Trend Micro has today reported that a new spam campaign is targeting the Dutch users and is informing them that a nuclear accidents has taken place in Amsterdam. Obviously, a long text message attempts to convince the readers to click on the adjacent links, which are supposed to contain pictures with the accident.
"Trend Micro researcher Feike Hacquebord notes that even though the messages tell of a bogus nuclear power plant accident in Amsterdam (there is no nuclear power plant in Amsterdam, by the way), the grammar and spelling are fairly good- an unusual occurence in the spam business," Roderick Ordo?ez wrote on the blog.
In case one user clicks on the links, he/she is automatically redirected to a dangerous website equipped with a Trojan horse. The webpages are usually hosted by Geocities, the free website hosting service provided by Yahoo. Once the page is fully loaded, the user is asked to install a plugin in order to access the photos, but, instead of downloading such a tool, a Trojan horse is deployed on the vulnerable computers.
"Downloading the EXE, of course, downloads a malware to your computer. Trend Micro detects this malware as TSPY_BANCOS.EFZ. This Trojan spyware reports back information to a Turkish IP address, suspected of being part of the Storm network," the Trend Micro official added.
Certainly, this is a new technique, designed to find vulnerable targets, as the spammers aim to send the messages to specific countries in their native language. Until now, users have been usually assaulted by English-based spam messages, many of the messages being already flagged as spam and blocked/identified by several filters.
"Spammers may have gone Dutch to prey on a less suspecting Internet populace, who are already wary of the usual English spam and its associated links. The move to another language may also be a sign that spammers are extending their reach to other locales, or are merely testing the waters for new avenues of spam delivery," the Trend Micro expert concluded.