The Latest in IT Security

US Election used as malware smokescreen

18
Oct
2012

At first glance this looked like a “standard” email-malware attack.  As with many similar attacks the email pretends to be carrying an eticket attachment – this time from Delta.  The zip file holds executable malware.  In case we weren’t sure this is malware here are some of the giveaways:

  • The “flight” predates the email by about 2 months (August 2012)
  • Delta doesn’t fly to Corpus Christi (OK, I had to look that one up.)
  • The very curt instructions: “you can print your ticket”
  • It’s Delta not “Delta Air Lines”

At this point we would normally just file this as “eticket-email-malware”.

But wait. There’s more

There is text following that last line.  It’s in a white font and so does not appear on most recipients’ screens.  It reads:

  • US runs a 4th straight $1 trillion-plus budget gap
  • Obama team promises more aggressive president in second debate
  • Feisty Biden gives Democrats a reason to smile
  • Video: Issa: Budget cuts not issue in Libya attack
  • Obama team promises more aggressive president in second debate

In other words legitimate looking text designed to convince spam filters that this email is somehow genuine – and what could be more legitimate and genuine that the upcoming US election.  If you used a blue background on all of your screens (and we’re sure you don’t) then you would have seen it immediately.

Leave a reply


Categories

FRIDAY, DECEMBER 15, 2017

Featured

Archives

Latest Comments

Social Networks