Malware attack spammed out disguised as email settings file
February 24, 2010 by admin
Filed under Security News
391 views 6 Comments
Sophos is intercepting a large number of malicious emails that have been spammed out around the world, posing as a new settings files for internet users’ email systems. However, attached to the emails is a Trojan horse.
Each email is carefully disguised in an attempt to lure the recipient into believing they are genuine. For instance, they use the recipient’s email address in the subject line and pretend to come from the support team at the recipient’s email domain:
A typical malicious email reads as follows (I’m assuming the user’s email address is username@example.com below):
Subject: A new settings file for the username@example.com has just be released
Attached file: settings.zip
Message body:
Dear use of the example.com mailing service!We are informing you that because of the security upgrade of the mailing service your mailbox username@example.com settings were changed. In order to apply the new set of settings open zip attached file.
Best regards, example.com Technical Support.
Although the hackers behind this attack have clearly put a little thought into how they might infect as many people as possible, they have made some grammatical mistakes which may tip off potential victims that the emails are not genuine.
For instance, the subject line of
A new settings file for the username@example.com has just be released
is very clumsy.
Attached to each email is a file called settings.zip, which contains a copy of the Troj/Bredo-BE Trojan horse.
Stay on your guard against attacks arriving via email. Although we see many web-based attacks these days, the rumours of the death of email-based malware are greatly exaggerated.
By Graham Cluley, Sophos
Related posts:
- Changelog 07.06.2010: Hackers spam out malware attack
- Malicious contracts spammed out by hackers
- New password from Facebook? Beware widely spread malware attack
- Facebook Password Reset Confirmation E-mails Carry Malware
- Malicious PDF attack spammed out from compromised VioVet email system
Yet another reason why you should never download a file from an e-mail that claims to be a “system update” or something. Scams like this prey on less internet-savvy people; all it takes is an ounce of internet knowledge and a bit of common sense to avoid these things. Thanks for the heads up!
I got a few emails a few weeks ago with the very same malware. Good thing my Opanda was updated. My girlfriend got the very same and Norton didn’t pick up on it so we just spend the whole afternoon reformatting her PC.
I agree with Bryan – it only takes a little bit of experience with these kinds of emails to spot them, even if they are quite clever. But it only takes a lapse of concentration or an accidental mouse click and… oops!
One doesn’t have to be too technically savvy to avoid these kinds of traps. Totally agree with Bryan and Liam on this. A little common sense really goes a long way.
Randal
Murrieta Property Management
I was going to point out what others have already said about using common sense. However, many elderly people and perhaps younger ones too aren’t too savvy when it comes to technology. Or perhaps too trusting! Common sense says, “if you don’t know the email address, mark it as junk and send it on it’s merry way”. Terry