Information Security Update: February 21, 2008

The following is some updated information that we thought might be of interest. This is not a separate issue of the Newsletter:

NEW YORK STATE OFFICE OF CYBER SECURITY AND CRITICAL INFRASTRUCTURE COORDINATION CYBER INFORMATION BULLETIN

DATE ISSUED:

February 21, 2008

SUBJECT:

Malicious Email Messages Referencing the Lunar Eclipse
One state reported that they received a large number of malicious email messages which reference the “lunar eclipse” and include a link purporting to show video of a lunar eclipse. Clicking on the link connects users to a site that will deliver malware to client machines. Presently, some commercial antivirus products are not detecting this malware. The addresses hosting the malware are reported to be constantly changing, thus minimizing the impact of blocking the offending sites.

We recommend that organizations warn users of the risks associated with visiting unknown or un-trusted Web sites and clicking on links provided in email messages.

As this example demonstrates, be advised that attackers may use current events (such as the recent lunar eclipse, various holiday greetings, and the 2008 Presidential Election) to entice users to visit Web sites, click on links, open attachments, or perform other actions that could lead to system compromise.

Contact Information