Bogus Windows License Spam is in the Wild

October 26, 2012 by  
Filed under Security News

Views 3,111 views  
FaceBook Logo FB Comments
Comments 5 Comments

For everyone’s information:

Below is a screenshot of a new spam run in the wild, and the sender (whoever he, she, or it is) presents to recipients a very suspicious but very free license for Microsoft Windows that they can download.

Sounds too good to be true? It probably is.


From: {random email address}
Subject: Re: Fwd: Order N [redacted]
Message body:

You can download your Microsoft Windows License here –

Microsoft Corporation

Clicking the hyperlinked text leads recipients to a number of .ru websites hosting the file, page2.htm (screenshot below), which contains obfuscated JavaScript code that loads the Web page fidelocastroo(dot)ru(colon)8080/forums/links/column(dot)php.



This spam is a launchpad for a BlackholeCridex attack on user systems.

This method is likewise being used by the most recent campaign of the “Copies of Policies” spam, also in the wild.

Our AV Labs researchers have documented their findings in detail regarding these spam runs on our GFI Software Tumblr page. Please visit

Stay safe!


By Jovi Umawing @

FaceBook Comments


5 Responses to “Bogus Windows License Spam is in the Wild”
  1. says:

    “Bogus Windows License Spam is in the Wild | Virus Experts – We Make Your Digital Life
    Secured” honestly causes me personally imagine a somewhat more.

    I actually loved each and every individual component of this
    post. I appreciate it -Angeles

  2. Nick says:

    Precisely what really motivated you to publish “Bogus Windows License Spam is in the Wild | Virus
    Experts – We Make Your Digital Life Secured”? I actuallyhonestly loved the blog post!
    I appreciate it -Shannon

  3. Denroy Norales says:

    Need clean out my phone

  4. borey says:


  5. borey says:

    I love you

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!