By Ed Bott
March 23, 2012, 5:24am PDT
Summary: Malware distributors have launched a new wave of attacks aimed at taking over unpatched PCs and Macs. They look like routine messages from a bank or a social network, but instead of phishing for passwords, they’re serving up malware.
In the past few weeks, I’ve noticed an alarming increase in fraudulent email messages coming to some old, well-established email addresses of mine.
It’s not just the quantity of messages that’s noteworthy, it’s the quality as well. This particular wave of attacks includes some attacks that are frighteningly real looking. And they’re being used to serve up a toxic brew of malware to unprotected systems.
Consider these two examples of messages I received this week. The first appears to be a fraud alert from American Express:
It has all the right logos, and the wording has the same professional tone and grammatical accuracy I would expect of a legitimate communication from American Express. Unlike many phishing messages, this one made me look much more closely, and I suspect that the click-through rate was higher than most such attempts.