Amid the growing tension in Syria, some malware authors are getting busier spreading malicious software through fake emails that supposedly come from Cable News Network (CNN). What is the connection between Syria and the malware? The suspicious email messages announce that the US has supposedly begun bombing the Middle Eastern country.
Kaspersky Labs is calling online users’ attention about this issue. The PC security vendor warned that the risky emails are claiming to be a ‘breaking’ or ‘developing’ news story. Unsuspecting recipients may not be initially aware that the email messages contain malware.
Obviously, the news is a fake report that claims to have originated from CNN. As of this writing, the US has not bombed Syria yet regarding the current turmoil in the region. In a statement, Kaspersky said it is not surprised that cyber-criminals are now jumping into actualities. Thus, we may expect more of those Syria-themed malicious emails to circulate especially if the US actually decides to take military action against the Syrian government.
The risky emails may appear to come from CNN, with the email address [email protected]. The subject line could be quite catchy as it claims that CNN has reported that the US has ‘began bombing.’
According to Kaspersky, at first, the email may not look suspicious. However, once a recipient gets to read the content, he may instantly notice poor English used. For those who know how the US government works in time of such crises, it may also be harder to believe that the White House would abruptly decide to ‘drop 15 bombs’ in Damascus.
There could be other strategic methods that would convince unsuspecting victims to open suspicious email attachments. Kaspersky has advised PC users to be more discerning and to properly scan for viruses any email message that may contain suspicious news stories.
Kaspersky clarified that the danger comes not in receiving the suspicious emails but in clicking the link provided. Upon clicking the link provided, the email recipient’s PC may instantly get infected by the malware. There may be no indication at the very instant that malicious software was downloaded.
However, the PC user would eventually realize that an exploit kit has been embedded into his system through the link. That malware would specifically target vulnerable and older versions of Java and Adobe Reader.
Once activated, the exploit would also start downloading Trojan-Downloader into the infected PC. That malware would eventually start downloading other different malware.
For comments and suggestions, leave a message in the comments section below. Like and Follow our Facebook page for more stories and to stay up-to-date with the latest happenings.