New Fake News Email Attack Circulating
US-CERT has seen reports of a new circulating email. This attack is in the form of an email message with the subject line “Evacuation process has been started due to radiation leaks at San Clemente Nucklear Power Station.” The message body states that the information is from a trusted news source and encourages users to follow a link to view a video. This link may direct users to a website hosting malicious code.
Email text might look something like:
CNN, San Clemente, CA – Major Problems have been occured at San Clemente Nucklear Power Station – 20-year old circuit breaker fails to close, creating a 4,000-volt arc and fire. Possible radiation leaks on 100miles area. Evacuation process has been started – View current videoclip
The links to infected websites might look like:
http://usa7.****41.us/news_report.php?portal=21bzkwcdyDedsgdjcnwOkhb
http://usa6.*******58.in/news_report.php?agentid=3D34zaAdRoCsKIDxckpOoeoOwhfftWezndOkhb
Users are encouraged to help mitigate the risk and install/update anti-virus software. Among other things, never follow unsolicited web links received in email messages, verify sender email, spelling errors, grammar errors, weird URLs that doesn’t point to a news source, accuracy since, in this case, California has nuclear power plants in San Luis Obispo and San Onofre, not San Clemente.
What makes it interesting is that spammers were clever enough to invent a news story which might make lots of people click on it reflexively without thinking.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.