Friday, July 28, 2006

Romance Scam Installs Trojan (Crimeware)

Romance scams occur all the time on the Internet. Most of these scams use "social engineering," or "human trickery" to lure their victims.

This week, Sophos is reporting a new version of this scam - where all you have to do is view the pictures of a prospective lover - and a trojan is downloaded on your system.

Here is the report from Sophos:

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have reminded internet users to be on their guard following the discovery of a spyware Trojan horse that displays pictures of a potential Russian love match while secretly stealing information.

When first run on a user's computer, the Troj/Keylog-HD Trojan horse displays a slideshow of 3 photographs of a young woman called "Victoria Stasova". Accompanying the photographs is a love heart and an AOL email address.

However, while the pictures are being displayed, the malware steals keypresses and information from the infected user's PC which could allow hackers to plunder bank accounts and commit identity theft.

Link, here.

Please note that the pictures of Victoria could be replaced by other attractive young women, or men. Here is an interesting site, Romancescam.com, which has a database (complete with pictures of the scammers).

I've written some previous posts on Romance Scams:

Postal Money Order Romance Scam

Phishing for a Lonely Heart

There is also a Yahoo Group - which is extremely active - that goes after these scammers:

Romance Scam 419 Yahoo Group (US)

Here is their credo:

"Welcome to the group Romance scams. Please feel free to tell us your story whether it is your own personal story or that of someone you know. This group provides a safe haven for all, free of criticism and judgment. Our goal is to educate by getting the word out to as many people as possible. Check out our photo, link, database, and file pages when you get the opportunity."

If you want to learn more about this type of scam - this is probably the best place to go.

So far as avoiding malware, never open or download from "unknown sources" and make sure the protection on your computer is up-to-date.

No comments: