All the latest UK technology news, reviews and analysis
|
|
|
27 May 2009
Malware authors have begun using a wave of fake money transfer forms to infect systems, say researchers.
Security firm Sophos has reported a new crop of spam emails which claim to be originating from money transfer service Western Union.
The messages claim that the user sent a money transfer at a previous date which had not been collected by the recipient. Users are then told that they can collect the transfer amount by printing out an attached form and redeeming it at a local office.
The attack occurs when the user opens the attached 'payment form' file. The malicious attachment attempts to perform a PDF vulnerability exploit and install a Trojan application when then infects the user with additional malware.
Malware writers and online scammers have long preyed on the greed of users in their fraud operations. Scams such as the infamous Nigerian 419 letters and fake online lottery scams similarly attempt to trick users with the lure of free money.
As the economic crisis drags on, experts predict that such tactics will only become more popular.
Sophos senior technology consultant Graham Cluley warned users to stop and think before responding to such dubious 'free money' offers.
"If you haven't sent any money via Western Union, then why would they be telling you it failed to be delivered properly?" Cluley asked in a blog posting.
"Common sense is your friend. It's just such a shame that it doesn't seem to be very common."
Latest stories from Web
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
We have been given the privilege of recruiting for a...
My client is a proprietary, electronic trading firm and...
Our client is looking for a Senior Project Manager (Telecoms...
Business Analysts are being sought by my leading financial...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Yes, good advice
The last two sentences of the post sum it up entirely. If you can't recognize this scam as actually being the scam it is, then you deserve everything you get. However for users of Western Unions services, it is possible to get taken in, but only if you happen to use WU's online service. If you go into a branch, how are WU going to get your email address, theres no request for it on either the sender or receiver form.
Posted by: Mark Anthony 06 Jun 2009
Good advice
Of course one should not get taken in by spammers. I know that 15 day rule is not true. I have sent money by Western Union. Once my recipient could not pick it up for a month, for various reasons, and the money was still available when he did collect it.
Posted by: JoannaV 28 May 2009