Pages

Thursday, August 23, 2007

Email Virus Alert: Storm Trojan invading your email inbox via invitation to join various groups

Here we go again!!! Our inboxes (or bulk folders, thankfully for me) are being invaded by spam emails containing the Storm Trojan, which seems to have re-incarnated from the greeting card format into an invite to join various membership clubs. They ask you to log in and change a temporary password, and that's when the fun begins, for them! Whatever you do, DO NOT click on the URL, and immediately delete the messages!

Also be very, very careful if you surf other blogs, because during a google search, I discovered that there are certain blogs that are exclusively posting the info from those particular infected emails, with the URL link intact!! Not sure what is going on there, and whether the blogs have somehow been hijacked by the spammers, but I have tried to contact Blogger.com about that, as challenging as that is.

SAMPLES from my mailbox

Pet World
Aug 21 (3 days ago)

1. Dear Member,
Are you ready to have fun at Pet World. Member Number: 74545713955627Temp Login ID: user7950Password ID: ql918
This Login Info will expire in 24 hours. Please Change it.
This link will allow you to securely change your login info: {URL removed}
Thank You,
Confirmation Dept.

2. Welcome Member,
We are so happy you joined WebTunes.
Membership Number: 2252917475
Temorary Login: user5886 Temorary Password: uj818
Please keep your account secure by logging in and changing your login info.
Click on the secure link or paste it to your browser: {URL removed}
Welcome,
Membership Services
WebTunes

Others came from the following sources:

Office Antics
MP3World
Wine Lovers
Funworld
Downloader Heaven

How to protect yourself:

Make sure you have good Antivirus Protection. Never click on attachments or links in emails from people you do not know. And even if you do know the sender, confirm that it actually came from them. If you use Outlook Express for accessing your email, disable the preview pane: Some viruses can actually infect your computer without even opening the email.

To disable Preview Pane in Outlook Express:

Click on "View" then "Layout" and uncheck Preview Pane.

Sigh!

9 comments:

Righty64 said...

Incog,
Thanks for the info. I come here to find out all the scoop on these matters! Is it not amazing that it is the blogging community that seems to be ahead of the curve on these things?

Drew said...

These ones have been pretty amusing to me...they use IP address links, and don't even hide them under text.
Of course, there may be variants that do a little better, but I on;y look at the first couple of messages I get that seem to be similar spam.

Chris McClure aka Panhandle Poet said...

If my filter doesn't get 'em my delete button does!

Ottavio (Otto) Marasco said...

Very important point that last one, "disable preview pane"!

Apparantly this time it's far more sophisticated than its first incarnation in January. Thanks Incog

Frasier said...

Well I will need to disable my preview pane
Thanks Incog

Pat Jenkins said...

i thought when using a trojan it was meant for protection. i guess not in this case!!!

Karen Townsend said...

Thanks for the tips. Lots of good information here.

The Vegas Art Guy said...

If you go to the MacAfee website, they have a free product called 'stinger', which sits on your desktop and will deal with the newest and nastiest worms, trojan horses etc...

It has saved my butt more than once, the nice part is that you don't reboot your computer to install it and thus doesn't get infected.

Incognito said...

So annoying to have to sit and delete it all, but....
thanks for that suggestion VAG.. will check it out.

We gotta look out for each other..!!