US-CERT: Economic Stimulus Email and Website Scams

Economic Stimulus Email and Website Scams

added March 5, 2009 at 04:08 pm
US-CERT is aware of reports of economic stimulus scams circulating. These scams are being conducted through both email and malicious websites. 

Some of the email scam messages request personal information, which can then be used for identity theft. Other email scam messages offer to deposit the stimulus funds directly into users’ bank accounts. If users provide their banking information, the attackers may be able to withdraw funds from the users’ accounts.

The website scams entice users by claiming that they can help them get money from the stimulus fund. These websites typically request payment for their services. If users provide their credit card information, the attackers running the malicious sites may make unauthorized charges to the card, or charge users more than the agreed upon terms.

US-CERT encourages users to do the following to help mitigate the risks:

• Review the Federal Trade Commission alert about economic stimulus scams.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

US-CERT: Malicious Code Targeting Social Networking Sites

Malicious Code Targeting Social Networking Site Users

added March 4, 2009 at 11:53 am
US-CERT is aware of public reports of malicious code spreading via popular social networking sites including myspace.com, facebook.com, hi5.com, friendster.com, myyearbook.com, bebo.com, and livejournal.com.

The reports indicate that the malware, named Koobface, is spreading through invitations from a user’s contact that include a link to view a video. If the users click on the link in this invitation, they are prompted to update Adobe Flash Player. This update is not a legitimate Adobe Flash Player update, it is malicious code.

Additionally, some of the reports indicate that there are multiple bogus Facebook applications being used to obtain users’ private information.

US-CERT encourages users and administrators to do the following to help mitigate the risks:

• Install antivirus software and keep the virus signature files up to date.
• Do not follow unsolicited links.
• Use caution when downloading and installing applications.
• Obtain software applications and updates directly from the vendor’s website.
• Refer to the Staying Safe on Social Networking Sites document for more information on safe use of social networking sites.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.