Long Time No Steal: Classmates.com Scam Goes for Your Wallet
If you had to reunite with an old classmate, it certainly wouldn't be the bully who tried to steal your lunch money (he's on Wall Street now). But what if you could rekindle a relationship with your old crush? And what if it was all packaged on a legitimate-looking website specifically designed to link up old classmates and make these long-lost dreams come true?
Don't bet on it. It's harsh advice, but if you don't hear it now, you could fall prey to a new scam campaign that pretends to be an invitation to join Classmates.com, but, as AppRiver explained, is actually a clever ploy by digital deviants to get access to your computer.
The email asks recipients to confirm their email address with Classmates.com, and, with graphics and fake registration numbers and passwords, masks itself as a safe way to join the friend-finding service. But, of course, there's a link in the email that, if clicked on, attempts to exploit a Java bug that could grant the scam artists privileged access to your computer, including your online banking passwords and scores of other confidential information.
AppRiver researchers noted that 202 different domains are behind the rigged links. And the bully is nothing if not persistent: Researchers have seen more than 12 million emails related to the Classmates.com scam, at about 98 emails per minute per domain.
The compromised domains are part of the Blackhole Exploit Kit, a piece of malware that allows cybercriminals to build their own botnet. The security firm Trend Micro spotted a host of other organizations currently being spoofed by Blackhole scammers, including Bank of America, Verizon, PayPal, AT&T, Citibank, Ticketmaster, and — not surprising, given its recent password breach — LinkedIn.
If you receive one of these unsolicited invitations to join Classmates.com, and it looks suspicious — it gets your name wrong, for example — think twice about clicking on it. If you want to reunite with an old friend, go directly to the Classmates.com website. And to prevent the cybercrime weapon from doing any real damage, keep your Web browser and your computer software fully patched and your anti-virus software up to date.