Email claims to be from 'AFP Photo News', offers 'bloody photos' of Gaddafi's death
Spammers and cybercriminals are using the death of Libyan dictator Muammar Gaddafi, and the Agence France-Presse (AFP) photos bait to trick Internet users into downloading malware
Computer security firm Sophos has warned that cybercriminals are spreading an email that looks like a forwarded message. The mails sometimes have "AFP Photo News" pictures of a bloodied Gaddafi.
"In reality, opening the attached file on a Windows computer puts PCs at risk of malware infection," Sophos said.
Sophos senior technology consultant Graham Cluley said the "death of Libyan dictator Colonel Gaddafi has almost inevitably resulted in cybercriminals taking advantage of the news story, and the general public's seeming interest in viewing ghoulish photos and videos of his last moments."
"Hackers have spammed out an attack posing as pictures of (Kadhafi's) death, tricking users into believing that they came from the AFP news agency and are being forwarded by a fellow Internet user," Cluley said.
Cluley added that the email claims to be from "AFP Photo News" and offers "bloody photos" of Gaddafi's death.
The subject in a detected email with malware reads: "Fw: AFP Photo News: Bloody Photos: Libya dictator Moammar Gadhafi's Death". While, the message body reads: "Libya dictator Moammar Gadhafi's Death
"Libyan dictator Moammar Gadhafi, the most wanted man in the world, has been killed, the country's rebel government claimed Oct. 20. The flamboyant tyrant who terrorized his country and much of the world during his 42 years of despotic rule was cornered by insurgents in the town of Sirte, where Gadhafi had been born and a stronghold of his supporters.
"Attached file: Bloody Photos_Gadhafi_Death.rar "
Sophos has said that Windows computer users who decompress the attached file are putting their PCs at risk of infection. The RAR archive file creates a malicious file called: "Bloody Photos_Gadhafi_Death\Gadhafi?rar.scr" warned Sophos.
AFP has said that it has sent no such email, and has urged Internet users to avoid opening the email and updating or applying their security settings.