Alex Zaharov-Reutt
Tuesday, 21 August 2007 17:33
Opinion and Analysis
Page 3 of 4
The second attack is one that isn’t being flagged by Outlook 2007 as a potential phishing email or being captured by the spam filter, and that’s a phishing email from “Technical support”, with the subject line “Check up system today, virus threat www.ml.com”.
The message says that it is from the Merrill Lynch Business Center, and appears to be being sent while the global sharemarkets have seen lots of up and down days of late, having required much central bank liquidity to get things moving again.
In a time of financial uncertainty, Merrill Lynch customers receiving an email purporting to be from Merrill Lynch could be distracted enough by the financial turmoil to think twice before clicking a link.
The message says:
“Thank you for choosing Merrill Lynch Business Center. An advisory from Sophos Labs informed yesterday that a malware writer has been infecting thousands of computers by hiding a new Trojan variant in a cartoon video, which has been spread around the world via e-mail. The malware, identified as Troi/Agent-FWO Trojan was hidden into “Yes & No” Shockwave video, a popular cartoon created by the Italian animator Bruno Bozzetto”.
The message continues: “Please use next link to enter the Merrill Lynch Business Center via protected online server. The system will automatically detect infection and you will get report to your web browser during next 60 seconds”.
After this are the words “MERRILL LYNCH BUSINESS CENTER LOGIN” which is the link they expect you to click on. Underneath this is written “To log in, you must have a valid ID and password”.
The message ends with the wide range of electronics business banking services that are available to you 24/7 once you’ve logged into your account.
So, what can you specifically do to protect yourself? The answers and conclusion is on the next page!
