小心!偽冒「安全軟件更新提示」威脅企業用戶
網絡威脅日日新鮮,今天安全機構 Symantec 便發現了一種新式社交工程垃圾郵件(Social engineering spam),此郵件冒以網絡安全軟件公司名義,提醒用戶下載並執行附加檔案,以更新該防護軟件。由於近日網絡上不斷出現類似 Cryptolocker Trojan 等木馬程式,用戶普遍擔心現有安全軟件未能探測所有病毒,所以不會對這些電郵更新提示產生懷疑,在未經仔細考慮下便進行下載並更新。
以下為專家發現偽冒安全軟件公司名義發出的電郵及相關標題,請大家小心留意,以免中招:
– AntiVir Desktop: Important System Update – requires immediate action
– Avast Antivirus: Important System Update – requires immediate action
– AVG Anti-Virus Free Edition: Important System Update – requires immediate action
– Avira Desktop: Important System Update – requires immediate action
– Baidu Antivirus: Important System Update – requires immediate action
– Cloud Antivirus Firewall: Important System Update – requires immediate action
– ESET NOD32 Antivirus: Important System Update – requires immediate action
– Kaspersky Anti-Virus: Important System Update – requires immediate action
– McAfee Personal Firewall: Important System Update – requires immediate action
– Norton AntiVirus: Important System Update – requires immediate action
– Norton Internet Security: Important System Update – requires immediate action
– Norton 360: Important System Update – requires immediate action
– Symantec Endpoint Protection: Important System Update – requires immediate action
– Trend Micro Titanium Internet Security: Important System Update – requires immediate action
雖然電郵標題有所不同,但含有惡意軟件的附加檔案卻沒有改變,一旦檔案被啟動,便會即時連接到 networksecurityx.hopto.org,自動下載另一個惡意軟件,以下為專家的建議,以幫助保障用戶網絡安全:
– 避免開啟任何可疑連結
– 避免開啟任何來歷不明的檔案
– 回覆電郵時﹐不要提供個人資料
– 安裝全面網絡安全防護軟件
– 開啟不明電郵或社交網站上的連結時,必須提高警覺
