Resume Spam Mails Lead To ScarewareA newly launched spam mail campaign, pretending to be resume submissions, are being circulated on the Net, telling recipients to click on given attachments containing HTML files, but they actually divert users onto scareware-serving websites, according to Softpedia, which published the news on August 20, 2010. Displaying the subject line, "Resume," the malicious spam mails carry brief messages such as "Please find attached my CV" or "Attached, please find." The fake, destructive attachment may appear differently named. Reports AppRiver, a messaging security provider, there is one electronic mail of the kind, which contains a file labeled CV.html. In another instance, MX Lab, an e-mail security vender caught an e-mail disseminating Resume.html. All these HTML files represent plain redirectors; however, they're obfuscated with a JavaScript so they can evade common spam filters. Thus, if the e-mail recipient views any of the HTML files, the included JavaScript becomes active that in turn diverts him onto a genuine website, although malevolent. This malevolent site shows a message -"PLEASE WAITING 4 SECOND." And while those 4 seconds run, an iFrame secretly pulls down malware from still one more website with which further malicious software is downloaded and run on the victim's machine. The objective, all the while, is to trigger a typically bogus anti-virus scan, which sets fake alerts that there is malware on the user's PC so he must download a certain executable file. But that .exe file in reality is a scareware installer that pretends to be an authentic anti-virus. Moreover, it blasts the victim's PC with bogus security warnings related to malware until he willingly spends on security software's license that is actually worthless. Sadly, people who get victimized with such scams don't just lose their precious funds, but have personal payments cards compromised as well. Reportedly, from the total 42 anti-virus applications that VirusTotal considers, merely 19 identified the scareware, which the current attackers used, as malicious. Remarking about this attack, specialists state that it's the first one witnessed during the recent period i.e. the technique utilized together with scareware campaigns, indicating that it's being picked up in other spam runs too. Related article: Russian Hackers Break into NOAA to Push Pills ยป SPAMfighter News - 8/27/2010 |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!