Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

Shakira Death Hoax Email Contains Malware


Outline

Spanish language email claims that Colombian entertainer Shakira has been killed in a car accident and invites you to open an attached file for further details.

Shakira car accidenet
© Depositphotos.com/ avisdemiranda

Brief Analysis

Shakira is alive and well and has not been involved in a car accident. The email is designed to trick you into opening the attached Microsoft Word document, which contains a malicious macro.

Example

Subject: Shakira muere en grave accidente

Muere Shakira en grave accidente

Esta madrugada a las 1:10 A.M. en el barrio la Macarena, Colombia. La conocida cantante e intérprete Shakira Isabel Mebarak Ripoll, sufrió un grave accidente automovilístico en el cual perdio la vida. Abordo del vehículo también se encontraba su manager, que quedó con heridas graves. Testigos, dicen que el auto conducido por este último, se dirigia a exceso de velocidad..

Para ver imágenes exclusivas y detalles de la noticia adjuntamos un documento con toda la información sobre este trágico acontecimiento.

Ampliaremos.


Detailed Analysis

Email Claims Shakira Killed in Car Accident

According to a Spanish language email that has been hitting inboxes, popular Colombian star Shakira has been killed in a car accident. The email claims that Shakira's manager was driving the car and that he was seriously injured in the accident.

The email includes an attached Microsoft Word document that supposedly contains exclusive images and further details about the accident.

Shakira is Not Dead - Email Contains Malware

However, the claims in the email are untrue. Shakira is alive and well. And the attachment does not contain images and information about a car accident as claimed.

Dynamoo's Blog writer Conrad Longmore reports that the attached Microsoft Word document contains a malicious macro.

Opening the attachment loads a document that claims that you must change your Office security settings to enable macros before the accident pictures and report can be viewed.

But, following the instructions in the document will run the malicious macro. The macro can then download and install further malware.

One More in a Recent Spate of Malicious Macro Emails

This malware email is just one among several recent attacks that have used macros in attached files to install malware.

A macro is a set of instructions that can be grouped into a single command to automatically perform a specific task.

Macros are not inherently dangerous and can greatly increase efficiency for some workflows.  However, criminals can use the same techniques to create macros that are able to install malware.  In earlier days, macro viruses were common computer security threats. But, later versions of Microsoft Office disabled macros by default, thus significantly reducing the risk.

Alas, many modern computer users may have no knowledge of macro threats and this has enabled criminals to use simple social engineering techniques to trick users into enabling macros.

Unless you have a specific need for macros, it is best to leave them disabled. And be very cautious of any document or message that claims that you must enable macros to view content.



Shaqira death malware

© Depositphotos.com/ Jean_Nelson


Last updated: September 8, 2014
First published: September 8, 2014
By Brett M. Christensen
About Hoax-Slayer

References
Macro Virus Threat Returns - Beware Emails With Malicious Word Attachments
Shakira death hoax email comes with a malicious Word document






>