New variant pretends to be FIFA communiqué offering free 2006 World Cup tickets
Published: 3 May 2005 09:15 GMT
A variant of the Sober virus was discovered on Monday that attempts to fool people into executing its payload by pretending to be an email from football world governing body FIFA offering free tickets to the 2006 World Cup in Germany.
The latest Sober worm, which operates in a similar fashion to others of its kind, uses various email subject headers to try to entice people into opening its attachment. The virus then harvests email addresses from the victim and directs a barrage of spam to those addresses. However, the worm avoids sending messages to companies involved in the antivirus and security industry.
Antivirus firm Trend Micro has highlighted the worm's use of social engineering to spread and rated it a "medium risk".
Jamz Yaneza, senior virus researcher at TrendLabs, said: "This is a prime example of social engineering - these games are very popular worldwide and even users who are savvy enough to suspect this email is a fake, may take a risk and click on the attachment anyway in the hopes of getting free tickets."
Email security specialist MX Logic has issued a statement warning that Sober is exploiting the fact that FIFA has kicked off the second phase of 2006 ticket sales to the cup on Monday - the same day the variant was discovered.
Scott Chasin, chief technology officer at MX Logic, said: "This is the latest in a very prolific family of mass-mailing worms… It demonstrates, once again, that worm authors are continually improving social engineering tactics, highlighting the need for businesses and consumers to remain constantly vigilant against the ever changing tactics of worm authors."
Antivirus firm McAfee has given the worm a "medium" risk rating for home PC users. Craig Schmugar, virus research manager for McAfee Avert, said the multi-lingual abilities of the worm are helping it spread.
"The social engineering has been very effective… They will use German messages for German Windows users. They tell them they've won tickets to the World Cup, and that has been an effective [ploy] for that region," said Schmugar.
Munir Kotadia writes for ZDNet Australia
CNET News.com's Dawn Kawamoto contributed to this report
Main Responsibilities; This person will provide Global IT support through effective and efficient analysis, documentation, implementation and ...
Symantec Anti-Virus or Citrix would be an advantage. Alongside this only apply if you come from a SME/Medium sector background. IT Helpdesk Analyst ...
As a Senior Storage Engineer you will be part of a team of which are spread across 4 locations in EMEA. Experience of medium-to-large data migrations ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Tim Ferguson Exclusive: Former MySQL boss Marten Mickos talks open source Why Microsoft could become one of the "biggest friends of open source" and why Oracle getting its hands on MySQL could be "one of the biggest open source coups ever"...
Naked CIO Naked CIO: Cloud computing more expensive than we thought? Smart IT leaders will examine the impact of how they pay for tech