A Cellopoint Reminder: No Let-up in CNN Phishing Attacks

A flood of phony CNN phishing email has been causing chaos around the world. Thanks to monitoring by the Cellopoint Global Anti-spam Center (CGAC), it has been known that hackers have been sending out vast quantities of phony CNN phishing emails since August 5, and the volume of these malicious emails has not slackened significantly up to this weekend. It is estimated that 7-8 million of these emails are bombarding users' computers worldwide every hour. The subject line of the emails has changed from "CNN.com Daily Top 10" to "CNN Alerts: My Custom Alert," but the body of the email still replaces the normal web site URL with a link to a malicious fraudulent CNN web site. The email attempts to lead the recipient to the phony web site and induce him or her to download a malicious program.

Because CNN originally sent emails with a similar subject line message, recipients may not suspect that clicking on this email will take them to a malicious web site. When the user reaches the phony CNN web site, they will see a message saying that they need to update their browser's Flash player. It's quite likely that many ordinary users will naturally press "Confirm update" at this time. If they do, a malicious sham Flash player program will be downloaded and installed on their computer.

Cellopoint has developed an URL reputation defense mechanism to combat this kind of attack, and all of our customers are protected. CGAC monitors spam and phishing email worldwide on a daily basis, and includes any suspicious web sites in an URL reputation database. Our email security gateway checks passing emails against the list of suspected phishing web sites, and blocks threats at the gateway end. This method provides ironclad protection against phishing email attacks.