Thursday, April 06, 2006

Fake BBC e-mails seek to exploit IE flaw

I received an email with the topic as stated above. The original source is unknown but it was circulated within my company. It is always advisable to verify the validity of the sender and the originality of the message sent.

If you receive an e-mail with bits and pieces of news from the actual BBC website that offers a link to "read more", beware. If you click on the link, it will take you to a spoofed copy of the BBC story from the e-mail.

Attackers are spamming out these messages and hoping readers will click on a link to "read more." Clicking on "Read More" in the email triggers an exploit of the createTextRange flaw, an unpatched vulnerability in Internet Explorer, which drops keyloggers onto your machine that will be used to steal bank account and confidential information.

Microsoft has been developing a patch and plans to have it ready by April 11. Therefore kindly practice safe browsing.

WhatIs

Attacker - A person who gathers personal and financial information to potentially exploit the critical information

Keylogger - Monitors your activity on various financial Web sites and uploads captured confidential information back to the attacker

CreateTextRange Flaw - A vulnerability in Internet Explorer. The patch is currently being developed.

Critical / Confidential Information - Bank account number, username, password, and credit card or bank card number

Safe Browsing -
Confirm the sender – Verify whether they really sent the message to you
Do not reply – No reputable company asks you to share usernames, passwords or any sensitive or confidential information, such as credit card information, via e-mail. This information should not be sent through e-mail.
Do not click on the link in the e-mail – As a rule, users should not click on Web links from within an e-mail.
Grammar and spelling – Watch for obvious spelling or grammatical errors
Notify the administrator
