Swine Flu Spam Returns

A new wave of Swine Flu themed spam is hitting the web, and it carries a nasty payload. The spam messages contain a Word document called H1N1 Flu Situation update that looks like it is from the Centers for Disease Control and Prevention and is said to contain a map showing the spread of the virus across the U.S.

Recipients who unwittingly download the document will open both a self extracting zip file and an executable called doc.exe. The executable installs several kinds of malware including a registry file that activates a Trojan every time the computer is booted.

The Trojan scans the system and steals any passwords and usernames it finds and also installs a keylogger that records every key stroke and mouse click. The stolen info is sent to a remote server for storage. The scammers presumably use the info to commit identity theft and make fraudulent financial transactions.

Attachments should always be scanned before they are downloaded or opened, and never open any .exe attachments received in an email. It’s also important to note that any emails you get from a legit government site will come from the .gov domain, and that no government agency sends any kind of unsolicited email.