| Bogus CNN and MSNBC messages may infect workstations |
| August 22nd, 2008 |
We'd like to provide you with an update on recent spam attacks. CCEX has noticed high volumes of bogus CNN and MSNBC messages that contain links to download malware. Spammers have copied the contents of CNN and MSNBC alerts and substituted a link that prompts users to upgrade to a new version of a fake Adobe Flash player.
Our Anti-Spam provider, Postini, has detected and blocked the vast majority of these attacks, and continues to release protections to stop the new mutations. Their capture rate is over 99%; however, the attack volumes are so large (in the hundreds of millions of messages) that a 1% passthrough rate means that a few messages may end up in your inbox.
For best security practices, if you see any CNN, MSNBC, or suspicious news alert messages:
We are asking all of our clients to make sure they are running the latest version (9.0.124.0) of Adobe Flash by visiting: http://www.adobe.com/go/getflash
We recommend unchecking the “Free Google Toolbar” option and proceeding with the installation instructions.
It is also a good idea to make sure your workstations are running the latest Microsoft Windows patches, which can be installed by visiting: http://update.microsoft.com/microsoftupdate
Please be assured that we consider virus and spam protection a high priority, and will continue to monitor these spam attacks.
Thank you,
Capitol Computer Alert by: Jeffrey Pena (Senior Network Engineer) |