SANS Internet Storm Center InfoSec Handlers Diary Blog

SPAM and Malware taking advantage of H1N1 concerns

Published: 2009-12-02
Last Updated: 2009-12-02 18:06:25 UTC
by Rob VandenBrink (Version: 1)
1 comment(s)

Gary writes in, telling us of a recent spike in SPAM with a title similar to "State Wide H1N1 Vaccination Program", which pretends to originate from the CDC (Center for Disease Control). The email goes on to instruct you to "follow this link to create a vaccination profile on the CDC website".

Needless to say, this email is a fake: it redirects you to a site in the Ukraine and plants malware on your PC. The URL is ", followed of course by the real domain name, six or seven digits of seemingly random characters.

You do not need to register with the CDC to receive a vaccine for the H1N1 strain of influenza.

There's also a rise in fake H1N1 sites using other vulnerabilities to compromise your PC, including the recent Adobe issues.

It never ceases to amaze me the depths that these "malware folks" will stoop to. 

If you are following a link in your email - always check to see that it's taking you where you think you are going before you click it.  Copy and paste it through your clipboard, or rekey the link entirely in your browser.  This kind of deception is just so prevalent that clicking links in a received note is simply not safe!
