Trend Micro has come across some interesting spam emails leveraging the topic. The malicious warnings carry the subject line “Heartbleed Bug Warning” and they read something like this:
“I just want to let you know that there is a big security concern now on the internet. The Internet bug called Heartbleed Bug, was recently discovered by experts. So if I were you, you need to change your internet passwords specially your banking passwords. Check for this report in CNN.”
The emails are signed by an individual called “Dexter” who appears to live in Riyadh, Saudi Arabia. The footer of the email contains an “unsubscribe” link, but that doesn’t make it any less dangerous.
As expected, the “Report from CNN” link contained in the notification doesn’t point to a report from CNN, but to a suspicious website.
Trend Micro hasn’t been able to precisely determine what’s on this site because it has been taken down. However, it’s safeto assume that it was something malicious.
The numerous alerts and advisories have made people aware of the seriousness of the issue. That’s why there might be enough internauts who would click on links from such emails without giving it too much thought.
“Cybercriminals are ready and willing to use all newsworthy topics for their social engineering schemes, including big security incidents/advisories,” Trend Micro anti-spam research engineer Fjordan Allego noted in a blog post.
“With the Heartbleed Bug being as big and as serious a security issue can get – not only does it affect some of the most popular websites on the Web today, but can also strike from mobile apps as well – users need to anticipate that threats may strike in a way that they never really expect,” Allego added.
As a general rule, users who want to avoid falling victim to phishing scams or having their computers infected with malware should never trust any unsolicited emails, no matter how interesting or urgent they sound.