SophosLabs reports that malware attacks tend to surge near major elections and the most recent is calculated to pull in anxious voters on either side of the political spectrum; a malicious email purporting to come from CNN declaring “CNN Breaking News–Mitt Romney Almost President.”
In a post on their NakedSecurity blog, Sophos explains why no one should click a link from an email like this:
Even if a user who follows those links is on a protected computer, Sophos reports that the hack then takes another step by trying to send users to a page that appears to be an innocent Adobe Flash update, but in reality tries to infect the victim’s computer with the same exploit.
Blackhole exploits are nasty. A few weeks ago Ars Technica explained how most Blackhole exploits work:
BlackHole is a widely-used, web-based software package which includes a collection of tools to take advantage of security holes in web browsers to download viruses, botnet trojans, and other forms of nastiness to the computers of unsuspecting victims. The exploit kit is offered both as a “licensed” software product for the intrepid malware server operator and as malware-as-a-service by the author off his own server.
Blackholes can essentially transform our friendly laptops into remotely-controlled members of a kind of zombie horde. Botnets can be used for all kinds of ugliness, including denial of service (DDoS) attacks.
SophosLabs expects similar shenanigans to continue until the election is over and possibly for months afterward.
Avoiding the malicious Mitt Romney email is easy–don’t click links from emails at all, go directly to the website that appeared to send the message. Recipients receiving this particular message should also wonder if it even makes sense–no major news outlet, certainly not CNN, would even bother with headlining a story that a candidate is “almost president” and calling it “breaking news.”
As is often the case with malicious emails or direct messages, common sense is the best defense.