All the latest UK technology news, reviews and analysis

Bogus BBC emails link to malicious site

by William Eazel

03 Apr 2006

Be the first to comment

  • Tweet this
The BBC has warned surfers to beware of spam emails that direct users to a fake BBC website containing malicious code
Spam emails exploit unpatched createTextRange flaw in Internet Explorer

The BBC has warned surfers to beware of spam emails that direct users to a fake BBC website containing malicious code.

The emails apparently entice users with excerpts from genuine BBC stories and contain a link to read more.

But the link takes unwary users to a malicious website that exploits a recently discovered flaw in Internet Explorer to install software that monitors financial activity and logs keystrokes.

"This website exploits the unpatched createTextRange vulnerability and is currently being used to download and install a key-logger, " said security firm WebSense.

"This key-logger monitors activity on various financial websites and uploads captured information back to the attacker."

The BBC confirmed that this is not the first time that its brand has been used by hackers to lure people to malicious websites, and claimed that the technique is common practice.

Microsoft is expected to deliver patches for the vulnerabilities in its next security update due on 11 April.

However, two security firms, eEye and Determina, have produced patches that close this loophole in the interim.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

businessman-at-computer

Fight against cyber crime requires greater understanding of human weaknesses

Related white papers

Related articles

Related jobs

Today's top stories

Samsung Galaxy S III running Android Ice Cream Sandwich

Samsung Galaxy S3 launch fails to attract iPhone-like crowds

hurricane-irene

American Express predicts online hurricane to blow big business away

assange

Wikileaks founder Julian Assange loses extradition appeal hearing

Poll

Flame virus poll

Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?

36%

2%

12%

50%

Features

The V3 hotseat

The V3 Hot Seat: Imperva CTO and co-founder Amichai Shulman

Flame in monitor screen

Quick guide to Flame malware attack

cookies

Quick guide to cookie law compliance

cookie

ICO sends out mixed messages on cookie law

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Riso

Colour printing: why the bill keeps outstripping the budget

The wrong printers, for the wrong tasks on the wrong contracts

Qlikview

Magic quadrant for business intelligence platforms

Who leads the BI pack and who should we be watching out for?

Technology jobs

Lotus Notes Domino Administrators

Lotus Notes Domino Administrators Due to the expansion...

Account Manager / Project Manager - Saas Accounting Financial Software

Account Manager / Project Manager - Saas Accounting Financial...

Channel Account Manager

Channel Account Manager One of the UK's most innovative...

Incident and Problem Manager

My client is looking for an Incident & Problem Manager...

To send to more than one email address, simply separate each address with a comma.