Computer security researchers are finding an abundance of emails claiming to be CNN Breaking News but are actually destructive spam campaigns laced with malicious links to sites designed to dish out malware.
Possibly surprising to some is the idea of it being somewhat common to run across emails purporting to be CNN breaking news stories only to have links that lead users to malicious websites spreading malware. In today's intensive media outbursts of just about everything considered being a hot topic or the least bit controversial, we witness firsthand how news can spread rapidly through Internet social channels and email. At just about every sign of something news-worthy or popular, computer users spark curiosity and now with massive malware attacks rooting from bogus CNN Breaking News Emails hackers are happier than ever.
Because there seems to be newfound innocents among many computer users who live and die by the media, hackers have taken on the task of dishing out fake CNN Breaking News emails. Many of these messages have enticing subject lines, some reading 'Harrison Ford discussing his new movie Ender's Game at Comic Con' or a report stating 'Snowden able to leave Moscow airport'. The possibilities are virtually endless as to what fake CNN Breaking News email hackers will send out for the main purpose of spreading malware. Probably one of the most popular fake CNN Breaking News scams to hit the internet waves is ones related to the Royal Baby's birth or the name, George Alexander Louis.
Show in Figure 1 below is an actual example of a fake CNN Breaking News email laced with a malicious link. Within the email message are links to a website that may initially seem like a continuation to the email's 'breaking news' but actually lands user's on a malicious site harboring an exploitation kit.
Figure 1. Fake and malicious CNN Breaking News Email Purporting 'Snowden able to leave Moscow airport'. - Source: grahamcluley.com
We know firsthand the dangers that Exploit Kits emit where they are readily used to exploit vulnerabilities within computers and their web browsers. A prime example of a similar scenario when hackers used the Blackhole Exploit Kit to flood users with fake AT&T emails redirecting them to a link for installation of the infamous Zeus Trojan.
In the current fake CNN Breaking News email scam hackers are serving up fresh dishes of Zeus once again, which will eventually turn the infected computer into a zombie where it awaits instructions from a command and control server. Basically, the bogus CNN Breaking News email spam campaign is assisting hackers in forming a botnet, a network of compromised computers who will fall under the control of a server that they all connect to.
You never want your computer to succumb to any type of malware but is arguably among the worst type is a botnet-type of threat that may eventually instruct your system to carry out illegal activities on the Internet. Having your computer do a hacker's dirty work on the Internet rarely has a good outcome unless you are proactive about keeping your system secure. Always keep your software up to date along with a constantly-running antispyware application.