VACM Home VACM - Stuff That Works 2012 APCS Home

July 4 "fireworks video" virus targets USA users... virus, Storm bot (solution included)

Protect your identity and your computer with VACM-approved "Stuff That Works"

Greetings from The VACM Team,

In This Issue:
----------------------
- July 4 "fireworks video" virus targets USA users...  Storm virus, bot net

 You are free to forward this critical information to anyone
 you wish as long as it is not modified in any way.



***************************************************
* The Bottom Line...
***************************************************
An email claiming to show you a video of the best, most amazing, spectacular, etc, fireworks will not play a video, but it will infect your computer with a nasty virus. 

This is a ploy to catch people off guard and many will, no doubt, be duped into infecting their computers.  See the VACM Alert article below for the full story, a picture of the bogus video player and how to know, in the future, if a video really is a video.

Beware of emails having a subject of:

Amazing Independence Day salute  or...

Amazing firework 2008
America for You and Me
America the Beautiful
Celebrate Independence
Celebrate with Pride
Celebrating Fourth of July
Celebrations have already begun
Fabulous Independence Day firework
God bless America
Happy Fourth of July
Happy Independence Day
Independence Day firework broke all records
Light up the sky
Proud to be an American
Sparkling Celebration of Independence Day
Spectacular fireworks show
Super 4th!
The best of 4th of July Salute

 

From the hackers who brought you the "Storm" worm, we have another attempt
to steal your identity and use your computer to carry out spam and malware
campaigns for organized crime.

This email contains a link to an alleged 4th of July video.  If you click on the
link, you will get what looks like a video player in your web browser. But,
if you click on the browser, the web site will attempt to download a file
called "fireworks.exe" to your computer. If you allow the file to be downloaded
to your system, you will not be celebrating your independance!

If you clicked the link in the attack email, this is the bogus video player
you would see:

It is actually only a "picture of a video player" on your screen.  This picture is
actually a link to the virus file that the hackers want you to allow into your system.
Per their instructions in the picture above "If you want to see the best Independance
Day firework just click on the video and run it".  If you click on the video and
then click on "Run" when Windows asks you, they fooled you into telling Windows
that it is OK to run "fireworks.exe", which is the virus installer.  Stay alert, folks.

The hackers behind this "Dorf" virus family of attacks, also known as the Storm worm, have targeted other holidays in the past, including Christmas, Valentine's Day, Halloween, etc.  The reason that they do this is simple - it works. Many people fall for tricks like this all the time. Companies and individuals need to protect themselves with up-to-date anti-virus and anti-spyware protection and learn how to not be caught by this kind of clever wording trick.

***************************************************
* What You Should Do
***************************************************
1. You are probably smart enough to simply delete suspicious emails and
    to not open "unknown" attachments.  But, this attack is simply an
    email with a link to a web page in it.  Harmless enough, right?       Wrong! 
    What you have to is that whenver you view a web page with a video player
    on it, you should never get a Windows message asking you to download
    a file (much less a .EXE file). That is the critical tell-tale.  When a web video
    player exists on a web page, it already has the video file it needs to show
    you.  You should never get a Windows message asking if you want to "Save"
    or "Open" or "Run" a file.  Moral of this story is to add this sneaky tactic to
    your list of "Gotchas" and then...

2. Delete the email

3. Also... always let Windows Update install the latest Windows updates to
    keep your system as safe as possible.  Microsoft is constantly fixing bugs
    and vulnerabilities in Windows and that is what Windows Update is for.  It
    is an automatic way to make sure you have the latest fixes from Microsoft.

4. Make sure your antivirus and antispyware software is always up to date.
    Most antivirus softwares should catch this attack if you happen to go to
    far with the mouse clicks.

     

Best Regards,
Marc Deschenes, VACM Editor
The VACM Project at
Automated PC Solutions

 

 

*** Be sure to check out the appendix at the end of this alert if you are having trouble booting your computer into "Safe Mode". The process is all spelled out for you there.   Why should you be very concerned about Spyware? Learn how to avoid Identity Theft and Windows corruption in this free VACM Video:      VACM-tested #1 AntiSpyware Software How did they steal my Identity? Why do I get so much SPAM ? Why is your computer running so slow ? Today, every PC needs just a few protection softwares. Find out what and why. Visit our Links Page to avoid Indentiry Theft and costly computer repairs.    VACM Links to Protection Tools and Softwares Keep your PC Safe and Avoid a costly trip to the shop... with these VACM approved tools. You need 3 things to protect your PC(s) automatically. Use these links to go directly to the Download and Purchase pages: the best AntiSpyware product the best Firewall product the best AntiVirus product           Old Shotgun Shell Boxes are collector's items and worth good money!  (yes... just the empty boxes) get your   ShotShell BlueBook price guide now.     To cancel your subscription to VACM, reply to this email with the word UNSUBSCRIBE in the subject. If you click on the link below, the "unsubscribe" email will be created for you and you can simply hit "Send" in you email program: Create My Unsubscribe Email IMPORTANT: please include the email address at which you are currently receiving VACM Alerts in the body of the message.     ******** APPENDIX - Handy How-To Tips **********   * How To Boot into Safe Mode Shut the computer down so that the power is off. Turn the computer on, wait 1 second and begin pressing the F8 key on the keyboard, once every second repeatedly. Do this until the Windows Startup Menu appears. If you get a keyboard error, press F1 to resume and then continue pressing the F8 key once every second, or your PC may tell you to press another key for BIOS setup. Select Safe Mode from the Windows Startup Menu, then press the Enter key on the keyboard. Windows will then boot into Safe Mode. NOTE: This may take longer than a normal boot. At the end of the boot process a dialog box will appear informing you that Windows is in Safe Mode. Click OK on this dialog box. Windows is now in Safe Mode. If you miss hitting the F8 at the right time, Windows will boot normally and you will not see the "Safe Mode" message.  In this case, start from the top of these instructions until you get the boot menu screen where you can choose "Safe Mode".  This can be a little tricky the first time you do it.