Watch out for malware email campaigns this week
March 17, 2013
After one quiet week, where most spam was for pump and dump penny stocks and fake Russian pharmacies, two malware attachment emails appeared in my inbox on Sunday afternoon. Both are spoofing an ACH or wire transfer transaction being completed.
Subject: Transaction is completed
From: Heidi Summers
Text:
WIRE transaction is completed. $6224 has been successfully transferred. If the transaction was made by mistake please contact our customer service. Payment receipt is attached. *** This is an automatically generated email, please do not reply ***
From: Bank of America
Text:
ACH transaction is completed. $5009 has been successfully transferred. If the transaction was made by mistake please contact our customer service. Receipt on payment is attached. *** This is an automatically generated email, please do not reply ***
Both contain a zip file attachment, weighing in at about 92.5 kb. Inside the zip package is a Trojan with the filename "Payment slip ID-GF-37840.exe".
These spam messages are targeted at businesses and were sent on Sunday for delivery Monday morning, at the start of the business week. This is an earlier-than-usual start to what typically turns into a Monday through Friday malware-laden email blast.
This being tax time in the US and Canada, expect a rush of fake "tax payment failed" messages. These too are loaded with Trojans, or have links to the Blackhole Exploit Kit.
If you receive such an email, delete it. The zip file attachment in the two samples above is coded as "inline," which means that some email clients may actually open the attachment for you to display its contents. Please don't become another victim. Most of these exploits install Trojans that empty your bank accounts.
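For mail administrators who want to catch this pattern before it reaches a user, the following added example (not part of the original post) parses a raw message, opens any zip attachment, and reports executables inside it along with whether the attachment was marked "inline". The attachment name `receipt.zip`, the addresses, and the extension list are assumptions; the sample message is constructed and its ".exe" entry holds harmless placeholder bytes.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed blocklist of executable extensions; extend to suit your mail policy.
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com")

def scan_message(raw: bytes) -> list:
    """Return one finding per zip attachment that contains an executable."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""
        # Check the bytes themselves, not the declared filename or MIME type.
        if not zipfile.is_zipfile(io.BytesIO(payload)):
            continue
        with zipfile.ZipFile(io.BytesIO(payload)) as zf:
            bad = [n for n in zf.namelist() if n.lower().endswith(EXECUTABLE_EXTS)]
        if bad:
            findings.append({
                "attachment": part.get_filename() or "",
                # "inline" is the disposition some clients auto-open for display.
                "inline": part.get_content_disposition() == "inline",
                "executables": bad,
            })
    return findings

def build_sample() -> bytes:
    """Constructed message shaped like the samples above (placeholder payload)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Payment slip ID-GF-37840.exe", b"placeholder, not a program")
    msg = EmailMessage()
    msg["Subject"] = "Transaction is completed"
    msg["From"] = "sender@example.com"   # assumed address
    msg["To"] = "user@example.com"       # assumed address
    msg.set_content("WIRE transaction is completed.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="receipt.zip", disposition="inline")
    return msg.as_bytes()

if __name__ == "__main__":
    for finding in scan_message(build_sample()):
        print(finding)
```

A gateway rule built on this would quarantine any message that produces a finding, regardless of the sender name shown in the From line.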
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.