Sydney targeted by nuclear explosion spam

The campaign, timed around September 11, is to trick Australians into clicking on an attachment which if installed will steal information from the victim’s PC.

The emails, designated to a .au address, claim to have images of the explosion in an attached ZIP file and has a subject that claims Australia has been contaminated.

The attack should remind users how easy it is for spammers to tempt them with news that is both topical and relevant, warned Paul Ducklin, head of technology at Sophos.

“With the recent startup of the Large Hadron Collider, urban catastrophes are topical. [Plus,] yesterday being the anniversary of 11 September 2001 boosts its relevance,” said Ducklin.

Australia's only nuclear reactor is in the suburb of Lucas Heights in Sydney’s South West, making it all the more reason to alert residents that the reports are fake.

“This seems more relevant to people instead of spam that’s selling Viagra from Canada. The real point is that it’s a really cheap and easy way for them to raise the awareness of it just by using .com.au,” said Ducklin.

Furthermore, the same attack has targeted London residents with a message which claims a powerful explosion has occurred in a nuclear power station in London.

Analysing the email in its spamtraps, Sophos in Sydney can reveal that the campaign has been directly targeting the two countries, with .uk addresses getting the London story, and .au addresses getting the Sydney version.

"Rather than use a real life event, the hackers have turned to fictional explosions and conspiracy theories in the hope they will strike a nerve with potential victims who will then click on the attachment without a second thought," said Graham Cluley, senior technology consultant at Sophos.

explosionheightslondonsecurityspamsydneytrojan