Just twelve hours after the Texas Fertilizer Plant Explosion spammers are already up to no good.
Spam emails containing links to phishing or malware are common. We’re used to seeing our spam folder fill up with subject lines using celebrity names or news stories to try to entice us.
Last night (4/17/2013) there was a tragedy in Texas – an explosion at a Fertilizer plant. While news agencies are quickly updating, so are the criminals behind spam emails. Within 12 hours of the explosion, my email account received spam with “Texas plant explosion” in the subject line. The first one arrived just after 8 am today, EDT. Since then, I’ve received subsequent versions with slight variations in the subject line.
A search of the link included in these emails shows it reported as a virus, with the same type of links also used for emails about the very recent tragedy at the Boston Marathon. The spam using the Boston tragedy seemed to start showing up within 24 hours of the event.
I received the first with the Boston subject line yesterday. The link was disguised as a link to a news story with CNN and titled: Opinion: Boston Marathon Explosions – Romney Benefits? – CNN.com*
This malware has been reported by a Kapersky Lab expert, who explains that the initial link, which is disguised as a “news” story, opens a youtube video. After a 60 second delay, another link to an executable file is activated, which contains the virus.
BEWARE – Do NOT click links to any supposed news stories in any emails you receive. This type of Malware is also being spread through Social media sites like Facebook. To read updates on news stories, go to known and trusted news sites.
Sample Texas explosion spam email with link:
(We have blurred out the actual IP address)