Monday, December 24, 2007 11:37 AM
cmosby
Symantec Security Response Weblog: Is that really you, Santa?
Is that really you, Santa?
Look, here comes Santa...on his sleigh with Rudolph the red-nosed reindeer and a computer. This year, he seems to have decided to distribute free gifts through email...but with a catch.
An email that contains a link to a malicious file reportedly arrives as the following:
Subject: Seasons Greetings
Message Body:
listen up,
This Christmas, we want to show you something you will really enjoy.
This might not be fun for the whole family, but I bet you'll like it come one take 2 min and check it out.
hxxp://merrychrist[REMOVED]
If you click on the links, you will find pictures of women dressed as "Mrs. Clause" on the site and the malicious file stripshow.exe, which is a new variant of Trojan.Peacomm.D,
will be downloaded if you click on the picture.
Once it runs, you will be rewarded with malicious gifts for free!! As we have warned in the past, users are taking serious risks when being enticed by free stuff available on the Internet. Always keep your antivirus software up-to-date and follow safe computing practices.
Happy holidays!!
Posted by Shunichi Imano on December 23, 2007 08:48 PM
Source: Symantec Security Response Weblog: Is that really you, Santa?
Filed under: Security and Anti-Virus, Spam\Phishing