[Nfbf-l] FW: Dear Friends, I heard about this on CNN, so not the "Typical Vires scare"!!!

[elizabeth McNally]

We believe this is well worth reading.
IRS Scam Now World's Biggest E-mail Virus Problem Criminals are waging a
nasty online campaign right now, hoping that their victims'
fears of the tax collecter will lead them to inadvertently install malicious
software.
The , entering its third week now, is showing no signs of slowing down,
according to Gary Warner, director of research in computer forensics with
the University of Alabama at Birmingham. This accounts for about 10 percent
of the spam e-mail that his group is presently tracking, he said. "This is
the most prominent spam-delivered virus in the world right now," he said.
Since first spotting the spam on Sept. 9, antispam vendor Cloudmark has
counted 11 million messages sent to the company's nearly 2 million desktop
customers, said Jamie Tomasello, abuse operations manager with Cloudmark.
That number is "very high," she noted.
The messages typically have a subject line that reads, "Notice of
Underreported Income,"
and they encourage victims to either install the Trojan attachment or click
on a Web link in order to view their "tax statement." In fact, that link
takes the victim to a malicious Web site.
The IRS not to open attachments or click on links included in e-mail that
claims to come from the tax-collection agency.
What makes this campaign particularly ugly is that the malware that
accompanies the fake IRS messages is a variant of the hard-to-detect Zeus
Trojan. This software hacks into bank accounts and drains them of money as
part of a widespread financial fraud scheme. Researchers estimate that the
Zeus criminals are emptying more than a million dollars per day out of
victims' bank accounts with the software. Small businesses have been
particularly hard-hit by this fraud, because banks have sometimes held them
accountable for the losses.
Testing a recent variant of Zeus on the VirusTotal Web site, Warner found
that only five of the 41 antivirus detection systems used by VirusTotal
managed to spot it.
Although antivirus vendors have other techniques for blocking the malware --
they can stop people from visiting the malicious Web sites, for example --
the spam is giving the companies a run for their money.
"It's difficult to stay ahead of it via antivirus because the Zeus binaries
are changing a few times a day to evade detection," said Paul Ferguson, a
researcher with , via instant message. "It's definitely a problem."


www.accessible-devices.com


__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4458 (20090925) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: 
<http://mail.accessible-devices.com/pipermail/a-d_accessible-devices.com/att
achments/20090925/9db9fa2a/attachment.html>
This is an Announce only list.  Subscribers are not able to post to this
list.
To unsubscribe from the Accessible Devices list copy the line below.  Paste
it inthe To: line of a blank message and send it.
a-d-unsubscribe at accessible-devices.com
You may download our podcasts from this link,
http://www.accessible-devices.com/Podcasts.html
Or if you're using a podcatcher of some type the subscribe URL is.
http://www.accessible-devices.com/feed.xml
Visit our website at:
www.accessible-devices.com
Please feel free to pass this message on to a friend who might like to
subscribe.
To subscribe to Accessible Devices send a blank e mail to:
a-d-subscribe at accessible-devices.com
Just follow the directions in the confirmation message when it comes.
Please Note: Accessible Devices is not able to provide tech support for
software or products that we supply information about.


_______________________________________________
A-d mailing list
A-d at accessible-devices.com
http://mail.accessible-devices.com/mailman/listinfo/a-d_accessible-devices.c
om 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.409 / Virus Database: 270.13.113/2397 - Release Date: 09/26/09
17:51:00