Thursday, July 1, 2010

Spam mails lure with domain password reset warning

A wave of spam mails lures recipients with fake warning of domain password reset; links lead to a fake Canadian Online Pharmacy

Tettnang, 1 July 2010 – IT security expert Avira warns of a current wave of spam mails that attempt to trick recipients by warning that their domain password will be reset unless they click through on an embedded link – which then leads to a fake online pharmacy.

With subject lines like “Reset your <domain name> password”, the emails pressurize users, advising that their domain password will be reset – unless they click on a link to stop this from happening. And in an effort to trick even more people, recipients who agree to a password reset are lured by the spammers to click through on a link in the message to proceed.

What users do not see is that the link in the mail leads to a domain other than the one shown in the message. Furthermore, while this web site is apparently loading, users are automatically redirected to yet another site after four seconds. During this time, a hidden so-called ‘iframe’ is shown, which is often used to exploit security vulnerabilities in browser plug-ins and outdated software by injecting malware.

Hapless users are then redirected to a fake Canadian Online Pharmacy. This fraudulent site is designed to capture credit and debit card information. Anyone making an order also runs the risk of receiving fake medications instead of the real thing, which may even pose a health risk.

Avira advises its users not to click on the embedded links or order pharmaceutical products from such websites, but to remove these mails immediately from their mailbox and empty the deleted items folder. Users of the Avira Premium Security Suite profit from double protection: spam mails are tagged as phishing by Avira MailGuard and the spam web site is also blocked by Avira WebGuard.

Users of the free Avira AntiVir Personal – Free Antivirus basic protection need to stay on their guard not to fall victim to email-based spam or phishing attacks. For optimum protection, Avira recommends an upgrade to its AntiVir Premium or Avira Premium Security Suite.

Further information about the spam mails can be found in the Avira TechBlog.

About Avira

More than 100 million consumers and small businesses depend upon Avira’s security expertise and award-winning antivirus software, making the company the number-two market share leader globally. Avira is ranked #1 in technology innovation according to ABI Research; recommended by Consumer Reports for its free antivirus software; cited by OPSWAT as the #1 fastest-growing antivirus vendor in 2012 and the #2 largest vendor worldwide in 2011; and has received a nearly unbroken string of Virus Bulletin VB100 awards for the past decade.

Avira provides IT-security protection to computers, smartphones, servers and networks, delivered as both software and cloud-based services. Visit www.avira.com.