What do Angelina Jolie and the new Prince George have in common? They’ve both been used as bait in a malware attack that’s unleashed via fake news articles. Apparently, Jolie has prior for being used as the hook in malware attacks and her being named the highest paid actress in Hollywood two day’s ago by Forbes has promoted her back to the top of the “spam” heap.
Jolie’s high income is being used as the latest “bait” for a new malware campaign that, ironically, can strip you of your own income courtesy of this email scam.
The latest spam attack was uncovered by ThreatTrack Security Labs. It takes advantage of Jolie’s inclusion as the number one earner on the Forbes list to entice you to click on malicious links in a fake email from CNN.
The email, purporting to be from CNN, has the subject line of: “CNN: Forbes: Angelina Jolie tops list of highest-paid actresses.” The actual body of the email is a “screen capture from the news site’s web page that features the story.
But if you click any of the links contained in the email, you’ll get a prompt to download what appears to be an Adobe Flash Player update. According to technewsdaily.com the file is labelled “update_flash_player.exe.” It is not an update at all, but a bit of malicious software designed to steal your banking details.
After the “update” installs on your computer, the software will automatically download another program that the ThreatTrack Security company has identified as a variation of a “Zbot/Zeus,” a Trojan malware program.
Apparently, the use of news and current events is known as “linkbait” which is part of a tactic called “social engineering.” This is a term used in technology that means to use “emotional” manipulation to aid in reaching a goal versus using technological know-how.
These types of malware attacks are nothing new and the Angelina Jolie/Prince George malware attacks via fake news articles is just the latest version of software programs designed to siphon personal information out of your computer.
By using the fake CNN logo and combing the “gossip” factor that everyone loves to read, they’ve come up with a variant of the honey trap. The malware scam artists are relying on the email recipient being curious enough to click the email provided links.
Like Angelina Jolie’s Forbes’s entry, the arrival of the Duke and Duchess of Cambridge’s new baby, Prince George was also used as malware linkbait.
The Australian Department of Broadband, Communications and the Digital Economy issued a warning about email malware scams that were linked to the arrival of the the new royal baby in England. The email is similar to Angelina Jolie’s malware scam.
The email subject is, The Royal Baby: Live updates. It also had a fake link to a live video feed that was set up outside the hospital where Prince George was born. But if the curious clicked on the link to the live video feed, they were redirected to a website that would attempt to install malware.
Trend Micro US anti-spam research engineer Cyril Coronado posted on his blog that over 10 per cent of hits to the “Prince George” malware website came from Australia. Coronado also posted that other Prince George malware scams included a CNN news report exactly like Jolie’s that had the subject message, US presidents have spotty record on gifts for royal baby.
While most of the malware used in these phishing scams are well known and can usually be caught by your own security software, this type of software attack is constantly being changed to escape detection. Generally the best advice is to ignore and delete unsolicited emails.
So the answer to the question, “What do Angelina Jolie and Prince George have in common,” is that both have been used recently in malware attacks via fake news articles and emails. But the 38 year-old film star has at least one advantage over the new prince. She’s been used so often as malware linkbait that in 2008 some websites gave her the nickname “Queen of Spam.”
By Michael Smith