CNN Spam Attacks
Increasingly, we’re hearing from Louisville clients that they, too, are receiving CNN Alert spam e-mail messages. The e-mail messages themselves appear to be news alerts sent by CNN, but they are not. The attack is making headlines worldwide.
In many cases, the e-mail messages carry a subject line that reads CNN Alerts: My Custom Alert. The message’s body typically includes a headline, the article’s date and a Full Story hyperlink.
These messages are not being distributed by CNN. Users who click upon the embedded links are not directed to CNN’s Web pages. Instead, users are directed to fake CNN Web pages that display an error message stating users must update their Adobe Flash software. The update is actually a virus.
The CNN spam attack is actually fairly sophisticated. Not only do the actual spam e-mail messages appear to be real, they also include CNN’s logo. The links appear to be legitimate. But mousing over these hyperlinks reveals the link does not actually connect to CNN, but typically Web sites overseas or even legitimate Web sites that have been compromised by hackers. Further, the subject lines of the messages have mutated and changed in the last week.
The attack’s volume, too, is significant. According to MX Logic, Inc., some 10 million such messages an hour were being distributed late last week.
Thus, it’s likely you’ll see some CNN Alerts arrive in your e-mail box. When they do, simply delete the messages. Do not click on any links within the messages, nor should you click to install any software or updates.
