Original URL: http://www.theregister.co.uk/2006/11/03/dismissal_spyware_spam_scam/

Dismissal scam spam targets medical centre

Spyware hides under pink slip

By John Leyden

Posted in Security, 3rd November 2006 13:24 GMT

Pond-dwelling crooks tried to trick users into visiting a website hosting Trojan keylogging malware via a spam campaign that claimed recipients had been fired.

In a spoofed message purporting to come from the Dekalb Medical Center, workers at the US facility were told they were being laid off. The message - headed “Urgent – employment issue” - contained links to a site containing "career-counseling information" which actually pointed to a web site run by hackers. It's unclear whether other organisation were targeted by the attack, which preyed on workers' fears of losing their jobs in a bid to get them to respond to a message which (if written in less alarming terms) they'd likely ignore.

After discovering the scam, which slipped through the organisation's small filters, Dekalb sysadmins implemented rules to prevent internal access to the malicious site promoted through the scam emails. Two PCs at Dekalb were infected by an unnamed Trojan keylogger as a result of the attack, Network World reports. ®