Scammers dial up Western Union attack
Shaun Nichols in San Francisco vnunet.com
27 May 2009
New spam run uses fake money order to spread Trojan
Malware authors have begun using a wave of fake money transfer forms to infect systems, say researchers.
Security firm Sophos has reported a new crop of spam emails which claim to be originating from money transfer service Western Union.
The messages claim that the user sent a money transfer at a previous date which had not been collected by the recipient. Users are then told that they can collect the transfer amount by printing out an attached form and redeeming it at a local office.
The attack occurs when the user opens the attached 'payment form' file. The malicious attachment attempts to perform a PDF vulnerability exploit and install a Trojan application when then infects the user with additional malware.
Malware writers and online scammers have long preyed on the greed of users in their fraud operations. Scams such as the infamous Nigerian 419 letters and fake online lottery scams similarly attempt to trick users with the lure of free money.
As the economic crisis drags on, experts predict that such tactics will only become more popular.
Sophos senior technology consultant Graham Cluley warned users to stop and think before responding to such dubious 'free money' offers.
"If you haven't sent any money via Western Union, then why would they be telling you it failed to be delivered properly?" Cluley asked in a blog posting.
"Common sense is your friend. It's just such a shame that it doesn't seem to be very common."