Relative exposure to malware

by Carol~ Moderator - 2/28/12 5:35 PM

In Reply to: NEWS - February 28, 2012 by Carol~ Moderator

From the avast! Blog:

If you work at an antivirus company, be sure that family members will soon ask you questions about computers and the latest malware. Sometimes, they will even send you some. The other day, I got an odd email from my cousin, soon followed by a similar note from my sister that contained this: [Screenshot]

The two of them - completely unintentionally - sent me a personalized bit of spam/malware. This was quite nice. After all, there aren't so many Lyle's in the world and I thought it was really considerate of some malware writers to address me directly. So I asked Jan Sirmer in the AVAST Virus Lab to tell me about how it was done and the goal of this malware. Here are his comments:

1) They generally get the names by parsing email addresses. Because many users using their first name in their email addresses, for example, name@blabla.com, they can just parse the email address and they have one of your names.

2) This is a relatively old-fashioned bit of malware designed to steal personal details. Click on the link and it will show a page with a login table. Your email address is already entered into the "name" slot and it is just asking for your Windows ID password. It doesn't even check to see if this is a functioning password, just if the length is longer than one character. From here, you will be redirected to crazyonlinequizzes.com/d/p/a3f7r83533 (or a similar location) where it will show that some prize has been won and you can pick which one. A time counter is ticking away to push you to make a fast and thoughtless choice. And of course, once you choose your prize, you will be redirected again to another place to pick it up.

Continued : https://blog.avast.com/2012/01/27/relative-exposure-to-malware/