In a email based scenario potential victims are spammed with, malicious attachments(Fotos_Osama_Bin_Laden.zip or Fotos_Osama_Bin_Laden_Morto.zip) or URL and urging the user to open the attached / click the link to see the final moments as shown in the screenshots below; (Source: Websense). If accessed, information stealing banking Trojan (a variant of Banload family) dumped onto the system.
In another email based scenario, unwitting users are targeted with a crafted PDF attached mail apparently exploiting vulnerability in Adobe Reader (CIVN-2010-0035 /CVE-2010-0188). Attacks with the similar modus operandi were discussed in CERT-In current activity.
Messages are being spammed out in social networking sites such as Facebook with a link to a fake video apparently an attempt to a ?clickjck? or survey scams.
In web based attacks, search results of major search engines are poisoned with the search term relating to the slain Bin laden in an attempt to spread rouge AV products.>/p>
- Do not follow unsolicited web links or attachments in email messages.
- Keep up-to-date patches and fixes on the operating system and application software.
- Keep up-to-date Antivirus and Antispyware signatures.
- Do not visit untrusted websites.
- Do not disclose any financial or personal information being asked in unsolicited email.
- Observe notifications / warnings of malicious websites marked by Google and other Antivirus software while clicking on indexed search results.