BOSTON -- IT security firm Sophos warns individuals of a social engineering phishing campaign that attempts to capitalize on the tragedy at Virginia Tech. Spam messages teasing camera phone footage of the Virginia Tech shootings have begun flooding inboxes worldwide. These messages, however, are infected with malware and could pose major problems if clicked through.
SophosLabs, the companys global network of high-security threat research centers, discovered the malicious spam earlier today through Sophoss advanced behavioral genotype protection capabilities. The link within the spam messages points viewers to a file entitled TERROR_EM_VIRGINIA.scr. If downloaded, the link installs a banking Trojan on the users computer system and this Trojan can be used by cyber criminals to steal passwords, user names and account numbers.
It is extremely disturbing that cyber criminals have so quickly jumped to exploiting this horrible tragedy. Unfortunately, its not that surprising, said Ron OBrien, senior security analyst with Boston-based Sophos. Weve seen similar behavior with other tragedies like Hurricane Katrina and the death of Pope John Paul II. Cyber criminals prey on the interest of concerned citizens hoping for the latest information on breaking news and, if history repeats itself, well see this campaign continue until interest fades.