Network News

X My Profile
View More Activity

Barbara Moratek Is Not Your Friend

Scammers are targeting non-profit organizations with e-mails that claim to have been sent from a "Barbara Moratek" of the "Ivete Foundation." If you receive one of these e-mails, simply delete it. They appear to be designed to entice curious recipients to run an online search for either of those names, which invariably turns up a bunch of links that -- if visited -- try to install malicious software.

Hat tip to Sunbelt Software, which blogged about this sneaky scam earlier today. Sunbelt says doing a Google search for "Barbara Moratek" returns several links to videos at malicious sites that try to foist fake "video codecs," malicious software disguised as a program the visitor supposedly needs to install in order to view the content.

The e-mail looks like this:

From: B. Moratek- Ivete Foundation [mailto:bmoratek@ivetefoundation.org]
Sent: Thursday, January 10, 2008 5:42 PM
To:
Subject: Information for prospective donors
Would you have additional information for prospective donors or volunteers other than what is on your website? Thank you in advance.

Warm regards,
Barb
Barbara Moratek
Vice President, Director of Grant Programs
Ivete Foundation
Phone-
Fax- 800.397.7205
Web- www ivetefoundation.org

Indeed, when I used LinkScanner to test one of the links returned in a search for Ms. Moratek -- a user-generated post at Digg.com -- the test came back warning that the link tries to install a "trojan fake codec." LinkScanner doesn't catch all malicious links, but it's a nice, free tool to have in your arsenal of stay-safe-online tools. I'm sure I don't have to say this, but I will anyway: Don't let curiosity get the best of you, and don't visit any of those links.

Pretty brilliant scam when you think about it. These type of subtle social engineering attacks -- which take advantage of peoples' trust of social networking and familiar Web sites that allow posting of user-generated content -- are almost certainly going to come to define the challenges Internet users will face most often throughout 2008.

By Brian Krebs  |  January 11, 2008; 2:12 PM ET
Categories:  Latest Warnings  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Microsoft Patches Three Windows Security Holes
Next: Report: TSA Site Exposed Travelers To ID Theft

Comments

For some strange reason, it is especially insidious when sent to the work email of an employee of a non-profit association...

Posted by: Jim Trigg | January 11, 2008 6:08 PM | Report abuse

One of my colleagues got this email when it first came out. luckily, our spyware/virus protection blocked the malicious code. At the time, the actual site for ivetefoundation.org tried to install code. I complained to the domain register (1&1) and got no help, nor did I expect any. A day or two later, though, the sight had an actual "This Site Coming Soon" page, and LinkScanner doesn't show malicious code. I'm wondering if they're making their own domain benign to shield blame or simply make themselves look more legit so people check out links about them.

Posted by: ivetefoundation.org | January 14, 2008 11:20 PM | Report abuse

One of my colleagues got this email when it first came out. luckily, our spyware/virus protection blocked the malicious code. At the time, the actual site for ivetefoundation.org tried to install code. I complained to the domain register (1&1) and got no help, nor did I expect any. A day or two later, though, the sight had an actual "This Site Coming Soon" page, and LinkScanner doesn't show malicious code. I'm wondering if they're making their own domain benign to shield blame or simply make themselves look more legit so people check out links about them.

Posted by: Bill Snyder | January 14, 2008 11:21 PM | Report abuse

I got this fake e-mail you described. Thanks for the heads up -- you've saved me quite the headache!

Posted by: Eli | January 24, 2008 5:27 PM | Report abuse

Speaking of malicious, having a giant ad blow away the article for a period of time like it does here is not any better in my opinion. Sorry to say I won't view any of these articles because of that. So all those other ads will go unseen on my computer. When will the big boys out there get with the program?

Jeepers, even posting a comment forces me to sit while the ad dances. So yeah, I saw it but I'll be sure to steer clear of that company as well as this site. yuck.

Posted by: Vikingsson | February 23, 2008 5:01 PM | Report abuse

bkjnma eznl fthib viatnofw nijeskfvh nwhmo tqxwnlru

Posted by: gqspjro ckstnri | March 27, 2008 3:42 AM | Report abuse

rnzjwkc mgnx oufxdkws vfrg sbgmnvwdr zehpwq xhrty http://www.pbqr.exopmqdk.com

Posted by: oscf drequazsi | March 27, 2008 3:43 AM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company