We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Open this Malware or I'll Sue you!
Options
birkee
Posts: 1,933 Forumite
in Techie Stuff
From PC Advisor magazine, not from the internet.
http://www.pcadvisor.co.uk/news/security/3305228/open-this-malware-or-ill-sue-you/?cmpid=HTML-N220911&olo=newsletter
If you don't like links, long winded follows.
The latest social engineering trick to get victims to open malicious email attachments accuses them of being spammers and threatens to sue them if they don't stop.
It's all in an attempt to get targets to open up the zip attachment by telling them it contains evidence of their spamming. Actually it's an .exe file that infects the machine but displays like a document, according to the Websense Security Labs Blog.
MORE: Bigger isn't better when it comes to social engineering attacks
The attachment installs a downloader Trojan that copies itself to the system path so it executes when the system boots up. It connects to remote servers to download specific exploit files. The blog says the current attacks could contain other variants of the Trojan as attachments.
The new attack cropped up Monday in WebSense's ThreatSeeker network that gathers data about malicious email campaigns. The emails are dressed up to look like they come from real businesses that is upset because the recipient has been spamming them. "The emails even formally claims that legal action will be taken because of the spam you have sent," says the blog.
The blog includes an image containing the text of one such email: "Hello. Your email is sending spam messages! If you don't stop sending spam, we will be impelled to sue you! We've attached a scanned copy of the document assembled by our security service to this letter. Please carefully read through the document and stop sending spam messages. This is the final warning!
Subject lines include "You are sending ad messages", "We are going to sue you", "This is the final warning", "We've sent you a copy of a complaint" and "A message from our security service".
Read more about wide area network in Network World's Wide Area Network section.
Love and misses folks! :beer:
http://www.pcadvisor.co.uk/news/security/3305228/open-this-malware-or-ill-sue-you/?cmpid=HTML-N220911&olo=newsletter
If you don't like links, long winded follows.
The latest social engineering trick to get victims to open malicious email attachments accuses them of being spammers and threatens to sue them if they don't stop.
It's all in an attempt to get targets to open up the zip attachment by telling them it contains evidence of their spamming. Actually it's an .exe file that infects the machine but displays like a document, according to the Websense Security Labs Blog.
MORE: Bigger isn't better when it comes to social engineering attacks
The attachment installs a downloader Trojan that copies itself to the system path so it executes when the system boots up. It connects to remote servers to download specific exploit files. The blog says the current attacks could contain other variants of the Trojan as attachments.
The new attack cropped up Monday in WebSense's ThreatSeeker network that gathers data about malicious email campaigns. The emails are dressed up to look like they come from real businesses that is upset because the recipient has been spamming them. "The emails even formally claims that legal action will be taken because of the spam you have sent," says the blog.
The blog includes an image containing the text of one such email: "Hello. Your email is sending spam messages! If you don't stop sending spam, we will be impelled to sue you! We've attached a scanned copy of the document assembled by our security service to this letter. Please carefully read through the document and stop sending spam messages. This is the final warning!
Subject lines include "You are sending ad messages", "We are going to sue you", "This is the final warning", "We've sent you a copy of a complaint" and "A message from our security service".
Read more about wide area network in Network World's Wide Area Network section.
Love and misses folks! :beer:
0
Comments
-
Trojans, by the very nature, will always pretend to be something they're not. This particular type of email scam is old and has been going for years.
The link included in the line "The latest social engineering trick to get victims" is actually an article about something else entirely - spearphishing, or targeted phishing. Instead of sending out an obvious generic attack like the one given in the PC Advisor article, they specifically target a particular person or organisation with details that make it more believable. In this case, organisations were targeted in order to gain access to their systems.
When companies like Play.com get hacked and leak customer details, those same customers are at risk for spearphishing as attackers can include details like name and address, or even refer to order history - all this makes the email look legitimate, and increase the likelihood that the person will open the malware attachment.
The author of the PC Adviser article is a bit behind the times, or is confused as his article has nothing to do with the link he's put in there:
http://www.networkworld.com/news/2011/090911-rsa-spearphish-attack-may-have-250651.html0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244K Work, Benefits & Business
- 598.9K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.3K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards