Although we see some very sneaky social engineering tricks used by scammers and cybercriminals on occasions, designed to trick users into making unwise decisions, we also see some very basic attempts at online crime.
Take, for instance, this email which was spammed out this weekend pretending to be an advisory about a new update to the popular Firefox web browser.
Hopefully no regular reader of Naked Security would fall for it.
Subject: New version released.
Message body:
" Important notice
A Firefox software update is a quick download of small amounts of new code to your existing Firefox browser. These small patches can contain security fixes or other little changes to the browser to ensure that you are using the best version of Firefox available. Firefox is constantly evolving as our community finds ways to make it better, and as we adjust to the latest security threats. Keeping your Firefox up-to-date is the best way to make sure that you are using the smartest, fastest and . most importantly . safest version of Firefox available. A Firefox update will not make any changes to your bookmarks, saved passwords or other settings. However, there is a possibility that some of your Add-ons won.t be immediately compatible with new updates.
For security reasons please update your firefox version now
[LINK]"
There are no surprises here. The link downloads an executable file, which bundles together an installer for Mozilla Firefox 5.0.1 and... a password-stealing Trojan horse.
Sophos already detected the Trojan horse as Troj/PWS-BSF.
Our labs have also added detection for the actual bundle itself, which we're identifying as Troj/Mdrop-DPO.
You should always exercise caution when you're asked to click on a link in an unsolicited email.
And, in particular, don't forget that Firefox automatically updates itself - so you should never have to act upon an email like this. If you want to manually look for the latest update, simply open Firefox and go to the Help menu and select About Firefox.
source: sophos
Take, for instance, this email which was spammed out this weekend pretending to be an advisory about a new update to the popular Firefox web browser.
Hopefully no regular reader of Naked Security would fall for it.
Subject: New version released.
Message body:
" Important notice
A Firefox software update is a quick download of small amounts of new code to your existing Firefox browser. These small patches can contain security fixes or other little changes to the browser to ensure that you are using the best version of Firefox available. Firefox is constantly evolving as our community finds ways to make it better, and as we adjust to the latest security threats. Keeping your Firefox up-to-date is the best way to make sure that you are using the smartest, fastest and . most importantly . safest version of Firefox available. A Firefox update will not make any changes to your bookmarks, saved passwords or other settings. However, there is a possibility that some of your Add-ons won.t be immediately compatible with new updates.
For security reasons please update your firefox version now
[LINK]"
There are no surprises here. The link downloads an executable file, which bundles together an installer for Mozilla Firefox 5.0.1 and... a password-stealing Trojan horse.
Sophos already detected the Trojan horse as Troj/PWS-BSF.
Our labs have also added detection for the actual bundle itself, which we're identifying as Troj/Mdrop-DPO.
You should always exercise caution when you're asked to click on a link in an unsolicited email.
And, in particular, don't forget that Firefox automatically updates itself - so you should never have to act upon an email like this. If you want to manually look for the latest update, simply open Firefox and go to the Help menu and select About Firefox.
source: sophos