New Driveby Email Virus

Taffycat

Crunchy Cat
Joined
Jun 1, 2006
Messages
12,830
Reaction score
1,067
I know most of us are careful/wary when opening emails, but just a quick heads-up for anyone passing through, who might find this article helpful. :)
Driveby Email Virus Hits Cyberspace: How to Protect the PCs
By BS Unnikrishnan
February 2, 2012 4:40 AM EST

A new type of email-borne virus, which can infect PCs even if the user doesn't open an attachment, has hit the cyberspace.

The new virus, which experts have classified as "particularly dangerous", automatically downloads malware into the PC when the user clicks open the email. The only message that the user will see is "Loading... Please wait..."

The Internet security options installed on the PCs won't be triggered as the mails themselves are not infected.

The disastrous potential of the email-borne virus to infect the PCs even if the users don't click open an attachment has baffled Web security experts.

The new generation virus, which has been dubbed "driveby emails", has been identified by Web security experts Eleven Research Team.

"The new generation of email-borne malware consists of HTML emails which contain a JavaScript which automatically downloads malware when the email is opened. This is similar to so-called driveby downloads which infect a PC by opening an infected Website in the browser. Driveby spam eliminates the detour via attachments or links in the e-mail and also affects cautious users which would never open an unknown attachment or link," the Eleven Research Team said in a statement.

The drive-by spam comes with the subject "Banking security update" and has a sender address with the domain fdic.com, a U.S.-based insurance company. "If the email client allows HTML emails to be displayed the HTML code is immediately activated. The user only sees the note "Loading...Please wait...". In the meantime, the attempt is made to scan the PC and download malware," the experts warned.

How to protect the PCs from the driveby spam

In order to protect the PCs from the malware, users need to make sure that their email account is protected against spam and malware and that all spam and malware filters are duly updated.

Displaying HTML emails in the users' email client should be deactivated and they need to go for the option of displaying emails in pure-text format only. That way, users can make sure that the HTML content is contained in an email attachment and the PC will be infected only if the attachment is opened.
Source: International Business Times
 
Back
Top