
Fraudulent Presidential Swine Flu Reports Spread TSPY_BANCOS.AEM Trojan

Posted: September 11, 2009

Cybercriminals have come up with a new scheme, spread by a Trojan via spam messages, attempting to warn people that the President of Peru and others have the Swine Flu.

Swine flu has gotten us all a little anxious. Maybe even a little paranoid. Was the man who sneezed next to me on the bus infected? Am I infected? I do feel a little headache coming on. Regardless, Influenza H1N1 is not the life-threatening plague many might make it out to be.

The same, however, cannot be said for those malware authors out there now seeking to take advantage of the global panic surrounding this illness. These people are a different kind of plague, though, one that is more of an annoyance than life-threatening.

A recent scheme employed by these cybercriminals is the scenario they have managed to construct in their latest spam run. An email message typically informs you that the President of Peru, Alan Gabriel Ludwig García Pérez, and others who attended the delegation of UNASUR (Union of South American Nations) summit, have been infected with Swine flu.

And if this little morsel of information wasn't juicy enough, the spam message continues by stating that the incident is being kept from the public. Is it a conspiracy? Well, that's certainly worth further investigation. Piquing your curiosity is what these con artists are aiming for, to such a degree that you might just leave common sense aside and click the malicious link provided in the email.

This link, purported to contain the audio news report regarding the incident, is nothing more than a one-way ticket to opening an executable file, Alan.Gripe.Porcina.mp3.exe, which has been detected and named TSPY_BANCOS.AEM. The double extension makes the file look like an MP3 while Windows treats it as a program. This is a Trojan known for gathering up personal and financial information from a system, and then sending this data to a remote server using HTTP POST.
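A mail or web filter can catch the "audio file that is really a program" trick described above by inspecting the file name a link points to. The following is an added example, not part of the original post; the extension lists, the function names and the example.invalid URLs are assumptions made for illustration.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Assumed, non-exhaustive list of extensions Windows runs directly.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs"}
# Assumed list of harmless-looking extensions a lure imitates.
DECOY_EXTS = {"mp3", "wav", "avi", "mpg", "jpg", "gif", "pdf", "doc", "txt"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

def filename_from_link(link: str) -> str:
    """Return the decoded last path component of a URL or bare file name."""
    path = urlsplit(link).path if "://" in link else link
    # Decode %2E-style escapes and normalise Windows separators.
    name = posixpath.basename(unquote(path).replace("\\", "/"))
    # Windows ignores trailing dots and spaces when it opens a file.
    return name.rstrip(". ")

def is_disguised_executable(link: str) -> bool:
    """True when the last extension is executable and an earlier one
    imitates a media or document type (for example name.mp3.exe)."""
    parts = filename_from_link(link).lower().split(".")
    if len(parts) < 3 or parts[-1].strip() not in EXECUTABLE_EXTS:
        return False
    # strip() defeats space padding between the decoy and real extension.
    return any(p.strip() in DECOY_EXTS for p in parts[1:-1])

def flag_links(message_body: str) -> list[str]:
    """Return every http(s) link in a message that hides an executable."""
    return [u for u in URL_RE.findall(message_body) if is_disguised_executable(u)]

# Constructed sample message; the hosts are placeholders, not real indicators.
SAMPLE_BODY = (
    "Listen to the report: "
    "http://news.example.invalid/audio/Alan.Gripe.Porcina.mp3.exe\n"
    "Official site: http://www.example.invalid/index.html\n"
)

if __name__ == "__main__":
    for url in flag_links(SAMPLE_BODY):
        print("blocked:", url)
```
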

So, while we are all a little uneasy about the Influenza H1N1 epidemic, we should never let our fear, or even our curiosity, get the better of us. Any email message you receive that comes from an unknown source should be deleted immediately, no matter how juicy the reports might be.
