New malicious email attachments come with accusations, threats.

The latest social engineering trick to get victims to open malicious email attachments accuses them of being spammers and threatens to sue them if they   don’t stop.

It’s all in an attempt to get targets to open up the zip attachment by telling them it contains evidence of their spamming.   Actually it’s an .exe file that infects the machine but displays like a document, according to the Websense Security Labs Blog.

The attachment installs a downloader Trojan that copies itself to the system path so it executes when the system boots up.   It connects to remote servers to download specific exploit files. The blog says the current attacks could contain other variants   of the Trojan as attachments.

The new attack cropped up Monday in WebSense’s ThreatSeeker network that gathers data about malicious email campaigns. The   emails are dressed up to look like they come from real businesses that is upset because the recipient has been spamming them.   “The emails even formally claims that legal action will be taken because of the spam you have sent,” says the blog.

The blog includes an image containing the text of one such email: “Hello. Your email is sending spam messages! If you don’t   stop sending spam, we will be impelled to sue you! We’ve attached a scanned copy of the document assembled by our security   service to this letter. Please carefully read through the document and stop sending spam messages. This is the final warning!

Subject lines include “You are sending ad messages”, “We are going to sue you”, “This is the final warning”, “We’ve sent you   a copy of a complaint” and “A message from our security service”.



This entry was posted on Wednesday, September 21st, 2011 at 9:03 pm and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.


Comments are closed.