Beware! Fake CNN emails about USA bombing Syria spread malware


CNNMalicious hackers have spammed out an attack designed to infect computers, disguised as a breaking news story about the United States bombing Syria.

The emails, which claim to come from CNN, declare (in rather poor English) that the United States has dropped 15 bombs on Damascus.

The emails appear to be sent from and have the subject line:

CNN: “The United States began bombing”

Fake CNN email

(CNN) -- Pentagon officials said that the United States launched the first strikes against Syria. It was dropped about 15 bomn on stalitsu syria Damascus. Full story »

However, as researchers at Kaspersky Lab describe, clicking on links in the email takes the victim’s browser to poisoned webpages designed to infect computers with a Trojan horse by exploiting vulnerabilities in Adobe Reader and Java.

If you have kept your installations of Adobe Reader and Java updated with the latest security patches, and are running an up-to-date anti-virus program, you should be protected from the current threat - although, of course, the bad guys could update their attack at any time to exploit unpatched vulnerabilities.

But the best protection would be to avoid clicking on the dodgy links in the first place.

Teach yourself and your friends to not trust unsolicited “breaking news” emails sent out of the blue, and instead visit legitimate news websites for the latest developments on the worsening situation in Syria.

Tags: , , , , , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , , , , , ,

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.