Interesting Italian Social Engineering Attack

Here's an interesting way of getting your victim to download a Trojan horse. Some users in Italy have been receiving messages "from" lawyers' offices that appear to be replies to a message that the victim never sent.

The messages warn the victim that the lawyer has received pornographic spam from him or her, threatening the victim with legal action if it happens again. It goes on to say that the victim probably has some sort of virus on his or her PC and suggests that the victim download a virus cleanser, to which there's a helpful link in the message.

Of course, the link downloads a Trojan.

Not only that, but the names used for the lawyers seem to be real organizations. We've heard reports that at least one legal firm has four phones permanently tied up with victims calling about these "threatening-yet-helpful" messages apparently sent by the lawyers.


... Richi Jennings, with thanks to Symantec's Security Response team. Also noted (in Italian) by Paolo Attivissimo and Luca Curatola.

Post a comment

You must be logged in to post a comment. To comment, first join our community.