Red Cross solicitation is a Trojan horse
Published: 24 Oct 2001 09:48 BST
Septer.Trojan is a Trojan horse that attempts to steal your credit card information by pretending to be a solicitation from the American Red Cross.
Septer arrives by email and appears to come from the American Red Cross, the United Way and the September 11 fund. Attempting to exit the donation form results in pop-up windows urging you to complete the form.
This Trojan is not widespread and does no damage to one's computer, but because of interest in the events of 11 September, the American Red Cross and Symantec are making people aware of Septer.
How it works
Septer arrives as an email that appears to originate from the American Red Cross, the United Way, or the September 11 fund. The email contains an icon of a green and blue world with a miniature Microsoft logo. When the recipient clicks the icon, a Web page opens with an appeal for a donation. The text on the donation form reads:
Terrorist Attacks
On September 11, 2001, America was hit with the worst strike of terrorism in history. Attacks on the World Trade Center in New York City and the Pentagon in Washington DC, as well as the crash of flight #93 in Somerset County, Pennsylvania, have resulted in countless injuries and the loss of thousands of lives.
Your Support Is Needed
In response to these attacks, United Way and the New York Community Trust have established the September 11th Fund. Your contribution will be used to help respond to the immediate and longer-term needs of the victims, their families, and communities affected by the events of September 11.
Please, donate now.
The solicitation and donation form do not come from the American Red Cross, and information entered into the form doesn't go to the Red Cross. However, attempting to close the donation form without filling it out prompts the following pop-up display:
Please enter information.
To close the donation form, press Ctrl-Alt-Delete, and Windows will open the Task Manager. From the Task Manager, highlight and close the Web application hosting the fraudulent donation form. This should close the form without sending any information.
The American Red Cross has more information about this Trojan horse and how to legitimately make an online donation.
Removal
At this time, only Symantec has updated its antivirus signature files to remove this Trojan horse. For more information on removing Septer, see Symantec.
See the Viruses and Hacking News Section for the latest headlines.
See the Net Crime News Section for the latest on hacking, fraud, viruses and related issues.
Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.
Let the editors know what you think in the Mailroom. And read other letters.
Did you find this article useful?
15 out of 25 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
