Pin Me

Deciphering News Headline Emails with Hidden Malware

written by: Greg Brian•edited by: Bill Bunter•updated: 11/25/2009

It appears most internet users finally figured out that you shouldn’t click on an email with the innocuous “Reply to This!” or “Hi Dear” in the subject line. Not that the world populace becoming smarter deters anybody who wants to phish for personal information on your computer.

  • slide 1 of 3

    These malware crooks are typically three steps ahead of everybody else, and it’s been more common to create a new insidious way to get your information via relevant news headlines sent to your email box. And this year, it went to an ironic level in using the story of President Obama winning the Nobel Peace Prize to make the next victims of online identity theft.

    Of course, this leads to a quandary for the innocent who share countless email links with their online friends about major news headlines. The internet seems to be turning into nothing but a constant minefield, with seemingly no way to determine which news headline email is safe and which isn’t. It doesn't help when the sharing of news online is an ingrained part of everyday life in most homes and offices.

    But there are ways to defend against this, even though it requires an astute ability to weed out the real from the nefarious.

    Ask friends to send you headline news stories with a personal identifier in the subject line

    While a lot of work when you have hundreds of friends online, sending a mass request to please put an identifier in the email subject line when sending news links shouldn’t be considered unnecessary. However, out of courtesy, someone sending a news link should automatically place something personal in the email subject line so friends will know it’s from them and not someone installing malware on your computer. Although placing your name in the subject line doesn't always work when phishers can sometimes obtain and use your name or someone else's to make it look convincing.

    Unfortunately, we’ve been living in a culture where seeing a hot story headline in your email box incites an automatic click without thinking about where it came from. The above-mentioned President Obama winning the Nobel Peace Prize story was one of the most powerful examples of being fooled to date.

    To add a new layer to the automatic click, the above permeated email promised that it would download a story onto one’s computer to give details about members of the populace against the Obama Peace Prize win.

  • slide 2 of 3
    How to determine whether an email with a major news headline is real or notOffices are more apt to click on emails with hot news headlines because other media isn't available. But here's ways to get legit news headlines without depending on shared emails.
  • slide 3 of 3

    When people made the attempt, a small malware program was installed that likely stole passwords and who knows what other personal information from millions of people. It isn’t out of the question that this was one of the most successful phishing and malware scams ever based on the nature of the news story.

    But what other options are there when you’re fairly sure that the email looks legit, yet you’re not really sure based on the earlier-mentioned lack of courtesy to indicate who it’s really from?

    Rely more on Google News alerts to keep up on major news stories

    This practical solution is one that keeps you in the loop of news stories that are important to everybody, sensationalistic or not. Google News gives you links to all the major news agencies along with personally identifying who they are so you won’t be confused. Any other email giving a controversial news headline should automatically be considered suspicious when any major news agency online will have the latest of everything so you won’t be in the dark.

    On office computers, where the malware-tainted emails with news headlines might be more apt to go, it’s also a good idea to sign up for Google News alerts. When done, employees will be more apt to avoid the tempting sensationalistic headlines showing up in their email boxes. After all, when you’re stuck in an office and away from other media all day, wanting a quick gist of a major story in cyberspace is going to be inevitable.

    We all know those trying to get your personal information will eventually try placing a ruse such as a fake Google news alert in emails, along with other convincing details. Nevertheless, you’ll be able to have a little more of a sixth sense now in which news headline emails are real and which aren’t.

    If usually in doubt, it’s best to not open it most of the time and realize that by not opening it, you aren’t really going to be at a loss in communing with the world on a major or scandalous news story.

    Source:

    http://www.trustedsource.org/blog/313/Obama-Nobel-Prize-Spam-Links-to-Malware-and-Drive-By