MoMusings

Random ramblings and musings about all things malware and related net-nasties...

Wednesday, 31 October 2007

Trick, But NO Treat!

As some of you may have noticed, we are seeing a massive campaign by the 'Bad Guys and Girls', who are now using social engineering techniques via fake Halloween e-card notification e-mails. The last ones used cats as the bait!

Here's a screenshot of what just one of these looks like now:



The body text can be one of a number of text strings and the link, at the moment, is one composed of numbers [IP Address].
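A mail filter can check for this indicator directly. The following is an added example, not code from the original post: it pulls the links out of a message and reports those whose host is a bare IP address rather than a domain name. The sample message and the function names are constructed for illustration.

```python
import email
import ipaddress
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message; 192.0.2.10 is a documentation address (RFC 5737).
SAMPLE = """\
Subject: You have received an e-card
Content-Type: text/html; charset="utf-8"

<html><body>
<p><a href="http://192.0.2.10/">View your card</a></p>
<p><a href="https://www.example.com/help">Help</a></p>
</body></html>
"""

class _Hrefs(HTMLParser):
    def __init__(self):
        super().__init__()
        self.urls = []
    def handle_starttag(self, tag, attrs):
        # Record the target of every anchor tag.
        if tag == "a":
            self.urls += [v for k, v in attrs if k == "href" and v]

def extract_urls(msg):
    """Return links from every text/html and text/plain part of the message."""
    urls = []
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "text/html":
            parser = _Hrefs()
            parser.feed(part.get_content())
            urls += parser.urls
        elif ctype == "text/plain":
            urls += re.findall(r"https?://[^\s<>\"']+", part.get_content())
    return urls

def ip_literal_links(raw):
    """Return the links whose host is an IPv4 or IPv6 literal."""
    msg = email.message_from_string(raw, policy=policy.default)
    hits = []
    for url in extract_urls(msg):
        try:
            ipaddress.ip_address(urlsplit(url).hostname or "")
        except ValueError:
            continue  # host is a name (or unparsable), not an IP literal
        hits.append(url)
    return hits
```

Calling `ip_literal_links(SAMPLE)` returns only the link that points at the numeric host; the link to the named host is ignored.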

Of course, when you click on the link you go to another site, not the one you expect to go to. Here are a couple of screenshots of one of the web pages you could end up on if you click on the link in one of these 'fake e-card' e-mails.

Here's a screenshot taken last night:


Here's a screenshot taken this morning:


Did you notice any difference? ;-)

What you don't see happening in the background is that, just by visiting the site, you are letting the Bad Guys and Girls run exploit code against your system; if your system isn't fully patched, you'll get infected. If that fails [because your system is fully patched, or otherwise protected], they can always use social engineering to get you to infect your own computer by clicking on the link or graphic and running the file.

The main problem with the recent waves of fake e-card e-mails we have been seeing is that the link to the 'fake e-card' often takes you to a website that contains the following payloads, which can automatically infect your computer just by visiting it with a system that isn't fully patched:
  • Various Browser Exploits.

  • Various Windows Exploits.

  • A download [fake e-card] which is actually malware.

It also appears that the so-called Storm-Worm Gang are constantly looking for new angles and ways to get you to add your computer to their botnet. This doesn't bode well for the upcoming festive season, as that is when social engineering seems to work best. Why this is the case is not clear; it could be due to good will or a drop of the good-stuff? ;-) Maybe it is just because people are more willing to spare a thought for others at this time of year, and in return expect them to spare a thought for them?

As I've often mentioned here, the 'Bad Guys and Girls' seem to be using social engineering as their primary tool to try and get you to infect your own computer, so be very careful and make sure your system is fully patched and protected if you must let curiosity get the better of you...don't make their job even easier.

Just to make it crystal clear, the file offered on these sites will NOT show you a dancing skeleton; the only one dancing will be you, to the tune of the botmasters! Any sinister/mad laughter you imagine you hear is the same people laughing all the way to the bank.

Have a fun but safe Halloween...
