(Yet Another) Malware Alert

Security vendor TrendMicro lists “health-related” as one of the top three categories of spam. This is not only annoying, but dangerous: Spam emails often include links to malware sites. Another nasty spammer habit is to pounce on any trending topic and send out emails related to it. Worst of all, there are virus programs that infiltrate address books and send out emails that appear to come from people you know. In combination, they become a triply dangerous trap for the unwary. Always remember–think before you click.

As a good hygiene rule, you should always mouse over any link in an email or website that seems suspicious. At the bottom or to the side of most browsers, you’ll see the code underlying the link, so you can make sure it goes to where the text claims it will. Do you trust that this text links to a website about warm, relaxing winter vacations ? (Well, depends on what your definition of “warm” is.)

Unfortunately, knowing that people have learned how to do this, the bad guys have come up with another combination of nasty techniques. TrendMicro offers the technical details of a new spoofing attack that uses links to legitimate sites. “Spoofing” is the practice of creating a scarily credible copy of a business email, with links to malicious sites. Only now, the bad guys are using GoogleDrive and Dropbox, so when you mouse over the links, they don’t initially jump out at you as obviously suspect. Unfortunately, if you click on the links, they will start to auto-download malware placed  on these legitimate data storage sites.

Aside from the anti-malware programs companies like TrendMicro are selling, your best defense is just to be logical: Ask yourself questions, such as why would your children or best friends be sending you (supposedly) urgent information by email? And why on earth would any legitimate business ask you to change a password via an untraceable email??

What's wrong with this picture? Why would Google be writing you from Germany (.de)?

What’s wrong with this picture? Why would Google be writing you from Germany (.de)?