New virus sounds phishy.A new computer virus that lures victims the same way phishing Pronounced "fishing," it is a scam to steal valuable information such as credit card and social security numbers, user IDs and passwords. Also known as "brand spoofing," an official-looking e-mail is sent to potential victims pretending to be from their ISP, bank or retail establishment. e-mails do is on the loose, antivirus firms say. Potential victims get an e-mail saying their credit card has been charged $175 by PayPal, and are urged to click on a link for details. But following the link will cause the consumer's computer to become infected. Other variations offer a peek at potentially pornographic material, or claim to be from someone looking for Looking for In the context of general equities, this describing a buy interest in which a dealer is asked to offer stock, often involving a capital commitment. Antithesis of in touch with. new friends; they, too, urge recipients to click on a link. The virus--called a MyDoom variant by some researchers, and "Bofra" by others--also takes advantage of a brand-new vulnerability in Microsoft's Internet Explorer Microsoft's Web browser, which comes with Windows starting with Windows 98. Commonly called "IE," versions for Mac and Unix are also available. Internet Explorer is the most widely used Web browser on the market. It has also been the browser engine in AOL's Internet access software. . Microsoft has yet to produce a patch for the flaw, making the virus potentially dangerous. However, it's not spreading dramatically, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. antivirus firms. Symantec Corp. has only seen reports of 29 infections, according to Oliver Friedrichs, manager of the firm's security response team. The worm is, however, generating a lot of stray e-mails in an attempt to infect more machines, said McAfee. The firm rates the worm a medium threat. How it works Each infected computer is loaded with code that allows it to serve up a small Web site onto the Internet that's laced with the infecting code. It then scours scour, scours 1. the chemical and physical cleaning of fleece wool. 2. diarrhea. dietetic scour see dietary diarrhea. peat scour see secondary nutritional copper deficiency. all files on the computer for e-mail addresses See Internet address. e-mail address - electronic mail address , and sends out e- mails to more potential victims. The link in those e-mails actually directs recipients' computers back to the computer that sent the e-mail. Recipients who click on the link automatically download infected code from the original machine. "The messages are spreading," Schmugar said. "We are getting reports of thousands of messages being blocked. But it's hard to gauge how many infected computers there are." The phishing-like tactic may have backfired on the virus author, however, because many Internet users Internet user n → internauta m/f Internet user Internet n → internaute m/f are now suspicious of such e-mails. The PayPal variation includes this message: "Congratulations! PayPal has successfully charged $175 to your credit card. Your order tracking number is A866DECO, and your item will be shipped within three business days.' It then goes on to urge recipients to click on hyperlinked text within the e-mail. "The social engineering puts people on guard because they are getting a strange message from PayPal they weren't expecting," Schmugar said. "But it is interesting." The tactic helps the worm evade virus detection programs. Since the virus-infecting e-mail contains no attachment or executable file See executable code. , it isn't filtered out by most antivirus products. "It's unique because there's no malicious code in the actual e-mail. |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion