The Nurech.A Worm Continues to Spread and Infect Computers Under the Guise of Valentine's Messages
- Computer Users Should Be on the Lookout for Suspect Emails With 'Romantic Titles' or 'Gift-Offers'
GLENDALE, Calif., Feb. 9 /PRNewswire/ -- As Valentine's Day approaches, computer users should keep a wary eye on any romantic messages received by email, as many of them could contain malicious code. The Nurech.A worm appeared earlier this week using this type of lure and has caused an "orange virus alert" at PandaLabs. It still continues to spread and infect computers.
Nurech.A hides in emails with subjects like: "Together You and I," "Til the End of Time Heart of Mine." The name of the attached file carrying the malware is always an executable file and has names such as flash postcard.exe or greeting postcard.exe.
Other malicious codes currently infecting users include Nuwar.D. This worm arrives in messages with subjects like "5 reasons I love you" or "A kiss for you."
Events like Valentine's Day and Christmas are usually exploited by cyber-criminals to try and spread their creations by disguising infected emails as e-greeting cards. This tactic is known as 'social engineering.' The best example is the infamous LoveLetter virus, which caused one of the biggest epidemics in computer history.
"As Valentine's Day approaches this year we are already seeing a proliferation of computer threats and spam using this lure. As a general rule, don't open any suspicious email, regardless of what is says it contains. Instead of going on instincts, let a security solution decide whether it's safe to open it or not," says Luis Corrons, technical director of PandaLabs.
And it's not just malware-infected emails that are on the prowl. With people buying Valentine's gifts, there is an increase in online transactions and consequently an increased risk of bank details ending up in the hands of cyber-crooks. Much of the junk mail that reaches users' accounts contains links to false banking or shopping websites, where users are requested to enter confidential information such as their account number and password; the classic 'phishing' routine.
"In order to avoid phishing attacks, don't click on links that arrive by email, but instead type the address directly in the browser's address bar. Since no banks request account details via email, any message that does so must be treated as phishing, no matter how authentic it looks," concludes Luis Corrons.
All users that want to know whether their computers have been attacked by these or other type of malicious code can use ActiveScan, the free scanning solution available at: www.pandasoftware.com/activescan. Users can carry out a complete inspection, free of charge, of all the areas of their computers that they suspect may be infected.
More information about these and other threats is available in Panda Software's Encyclopedia at http://www.pandasoftware.com/virus_info/encyclopedia/
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment