Barbara Moratek Is Not Your Friend
Scammers are targeting non-profit organizations with e-mails that claim to have been sent from a "Barbara Moratek" of the "Ivete Foundation." If you receive one of these e-mails, simply delete it. They appear to be designed to entice curious recipients to run an online search for either of those names, which invariably turns up a bunch of links that -- if visited -- try to install malicious software.
Hat tip to Sunbelt Software, which blogged about this sneaky scam earlier today. Sunbelt says doing a Google search for "Barbara Moratek" returns several links to videos at malicious sites that try to foist fake "video codecs," malicious software disguised as a program the visitor supposedly needs to install in order to view the content.
The e-mail looks like this:
From: B. Moratek- Ivete Foundation [mailto:firstname.lastname@example.org]
Sent: Thursday, January 10, 2008 5:42 PM
Subject: Information for prospective donors
Would you have additional information for prospective donors or volunteers other than what is on your website? Thank you in advance.
Vice President, Director of Grant Programs
Web- www ivetefoundation.org
Indeed, when I used LinkScanner to test one of the links returned in a search for Ms. Moratek -- a user-generated post at Digg.com -- the test came back warning that the link tries to install a "trojan fake codec." LinkScanner doesn't catch all malicious links, but it's a nice, free tool to have in your arsenal of stay-safe-online tools. I'm sure I don't have to say this, but I will anyway: Don't let curiosity get the best of you, and don't visit any of those links.
Pretty brilliant scam when you think about it. These type of subtle social engineering attacks -- which take advantage of peoples' trust of social networking and familiar Web sites that allow posting of user-generated content -- are almost certainly going to come to define the challenges Internet users will face most often throughout 2008.
Posted by: Jim Trigg | January 11, 2008 6:08 PM | Report abuse
Posted by: ivetefoundation.org | January 14, 2008 11:20 PM | Report abuse
Posted by: Bill Snyder | January 14, 2008 11:21 PM | Report abuse
Posted by: Eli | January 24, 2008 5:27 PM | Report abuse
Posted by: Vikingsson | February 23, 2008 5:01 PM | Report abuse
Posted by: gqspjro ckstnri | March 27, 2008 3:42 AM | Report abuse
Posted by: oscf drequazsi | March 27, 2008 3:43 AM | Report abuse
The comments to this entry are closed.