Well, it was only a matter of time until someone figured out how to use the H1N1 “swine flu” scare as a part of a scam.
A new spam campaign was detected by our district web filters claiming to be from the Centers for Disease Control, asking the user to create a personal vaccination profile:
As usual, a check of the URL behind the link shows a web address that appears to go to “online.cdc.gov”. However, the full domain name in this case is “online.cdc.gov.yttt4l.com.im”. (The actual domain name often changes from day to day). This particular spam campaign may have one of several subject lines, including:
- “Governmental registration program on the H1N1 vaccination”
- “Creation of your personal Vaccination Profile”
- “State Vaccination H1N1 Program”
Users who actually go to the site will find an official-looking page with the CDC logo, etc. If you try to open the page to enter your profile information, your computer will be infected by a Trojan designed to steal your personal and banking information.
As I said before, the district web filters are catching this, so you should not see it in your district e-mail boxes. You should be on the watch for it in your personal e-mail accounts.
You can read more here.