New virus warning from Red Cross

News

New virus warning from Red Cross

The US Red Cross has warned of a credit card-stealing Trojan horse sent via e-mail that looks like it comes from the disaster-relief organisation.

The Red Cross said it had been notified of the computer virus, dubbed Septer.Trojan, on 17 October by Symantec.

However Symantec has classified the threat risk from the virus as low because the e-mail must be sent manually.

Vincent Weafer, senior director at Symantec, said he knew of no one who had fallen for the ruse. He also confirmed that Symantec had identified the Web site where the phony donation form is located.

"I suspect it's not very widespread," Weafer said. The Trojan cannot self-replicate, and recipients must be specifically targeted by the virus writer.

The virus comes in the form of an executable file attached to an e-mail message. If the user clicks on the file, they are presented with a donation request form to fill out. The e-mail appears to come from the Red Cross, United Way and the September 11 Fund. Once the form is complete, the user's personal information is saved and uploaded to a Web site not connected to any of the organisations concerned.

Symantec said the Trojan virus does not let users close the displayed form without filling in the requested information. But the form can be closed by holding down the Ctrl+Alt+Del keys, then selecting "end task". If the form has not been filled in, no information will be sent to the virus creator.

The file size of the virus attachment is 518,144KBytes. If the recipient views it in Microsoft's Outlook e-mail program, the attachment will display a World Wide Web icon.

Although the Red Cross is not currently soliciting for donations via e-mail, the organisation said it had sent out an e-mail message to previous donors on 14 September. This message contained a link to an official, secure online donation site.

In addition, the organisation said that when its nationwide chapters and business partners send out fundraising e-mail messages, the donor is directed to the American Red Cross's official Web site, the Web site of one of its chapters, or to the site of one of its online partners.

The Red Cross has advised people who receive the fraudulent e-mail to delete it.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy