Tweet
A fake email is being sent saying that the United States has begun bombing Syria. First, that's not true, and second, do not open the email. It contains malware.Kaspersky Lab said it started seeing the emails Friday morning ET.
"We're currently seeing a spam run which involves a (fake) report from CNN saying that the US have started bombing Syria," wrote Roel Schouwenberg of Kaspersky Lab Expert on the security company's blog.
"We don't have exact numbers," of how many such emails were sent, playing to concerns about possible U.S. involvement in Syria's civil war, Schouwenberg told NBC News via email. "These actors perform multiple mass-mailings per day."
He wrote that clicking on the shortened Web link inside the mail will "lead to an exploit kit which targets older, vulnerable versions of Adobe Reader and Java. The attackers favor using the Java exploit over the Reader exploit, as Java exploits are generally more reliable."
The exploit then downloads a Trojan onto a user's computer system, which then downloads other malware. The goal: to get your personal information.
"We're currently seeing a spam run which involves a (fake) report from CNN saying that the US have started bombing Syria," wrote Roel Schouwenberg of Kaspersky Lab Expert on the security company's blog.
"We don't have exact numbers," of how many such emails were sent, playing to concerns about possible U.S. involvement in Syria's civil war, Schouwenberg told NBC News via email. "These actors perform multiple mass-mailings per day."
He wrote that clicking on the shortened Web link inside the mail will "lead to an exploit kit which targets older, vulnerable versions of Adobe Reader and Java. The attackers favor using the Java exploit over the Reader exploit, as Java exploits are generally more reliable."
The exploit then downloads a Trojan onto a user's computer system, which then downloads other malware. The goal: to get your personal information.
