Phishing With Swine Flu As Bait

This story was written by CNET's Elinor Mills.
Phishers and spammers have caught swine flu fever and are exploiting fears around the outbreak to try to sell pharmaceutical products or steal information, security experts said Tuesday.

The e-mail scams have a subject line related to the swine flu and typically contain either a link to a phishing Web site or an attachment that contains malicious code, the United States Computer Emergency Response Team (US-CERT) said in an advisory.

One scam features a malicious Adobe PDF document titled "Swine influenza frequently asked questions.pdf," according to Symantec. The malicious PDF file has been recognized as "Bloodhound.Exploit.6" and it drops malicious InfoStealer code onto the victim's computer, the company said.

One spam with a subject line "Suspected Mexican flu toll hits 81" includes news headlines from legitimate agencies and asks recipients whether they are located in the U.S. or Mexico and if they know anyone affected by the outbreak. Recipients are asked to go to a Web site to fill in a form or reply to the e-mail and include their e-mail address, address, and phone number, according to a post on Symantec's blog.

McAfee Avert Labs also has information on Swine Flu-related spam on its site.

Cisco IronPort estimates that swine flu-related spam accounted for up to 4 percent of the worldwide total at its peak.

CERT tips for protecting against scams are to avoid following unsolicited Web links or attachments in e-mail messages and maintain up-to-date anti-virus software. More information is on the CERT site here and in a downloadable PDF.

For information about the swine flu visit the U.S. Centers for Disease Control and Prevention Web site.
By Elinor Mills