subscribe: Daily Newsletter


Did Fernando Alonso really crash?


An e-mail message announcing a false accident suffered by the Formula One racing driver Fernando Alonso is being used to spread the Banker.LGC Trojan.

This fraudulent email informs the recipient that Alonso suffered a car crash in the Spanish city of Bilbao and was seriously injured. To make it more credible, the news report looks as if it had been taken from one of Spain’s most important newspapers. The message includes a link to download a video where the recipient can supposedly watch the accident. However, if they click the link they will actually be downloading a copy of the Banker.LGC Trojan.
This malicious code is designed to steal confidential banking data (such as account numbers and passwords) for an important Spanish financial institution.
“The world is a smaller place. This might have happened in Spain, but with the interconnected nature of the web it means that users everywhere – including South Africa – are at risk from this kind of scam,” says Jeremy Matthews, head of Panda Security’s sub-Saharan operations.
Matthews says that this type of Trojan correlates with the current malware dynamic – whereby cyber-crooks are no longer after fame or notoriety, but simply seek to benefit financially from their activity. To do this, they try to infect as many computers as possible by using silent techniques like this one.
“Cyber-crooks use striking news like this one, erotic photos and many other baits to trick users into clicking links or running files and infect them. We call this social engineering. It is vitally important that people are aware of the dangers lurking behind seemingly innocent messages they receive,” Matthews says.