Malicious Spam Campaign Starts Off in Germany
Posted by: Timothy Weaver on 03/20/2017 01:35 PM
A spam campaign is running through Germany using personalized information gathered from the web.
The email tells victims that their payment for a large bill failed to go through and is now about to be sent to a collection agency or law enforcement. Of course, if they click through, their system will be infected with malware that steals banking information.
The spam contains the recipient's full name, mailing address and telephone number. There is a .zip attachment that delivers the payload.
"The payload used an archaic .com file suffix reminiscent of the days of MS-DOS, but the file was clearly a modern malware executable that had been scrubbed of much of the identifying information that might point to its origins," explained researchers from Symantec. The payload also includes a sandbox-evasion feature that keeps it from running on a virtual machine.
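A mail gateway or triage script can catch the delivery pattern described above by looking inside .zip attachments for members that carry a .com suffix but begin with the `MZ` header of a modern Windows executable. The following is an added example, not code from Symantec or the original article; the function names, the suffix list and the sample archive (including the file name `Rechnung.com`) are constructed for illustration.

```python
import io
import zipfile

# Suffixes Windows runs directly; .com is the one reported for this campaign.
# The rest of the list is an assumption added for this example.
EXECUTABLE_SUFFIXES = (".com", ".exe", ".scr", ".pif")


def flag_zip_members(zip_bytes):
    """Return (member name, reason) pairs for suspicious archive members."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            name = info.filename.lower()
            if info.flag_bits & 0x1:
                # Encrypted members cannot be inspected without the password.
                findings.append((info.filename, "encrypted member, content not inspected"))
                continue
            with archive.open(info) as member:
                magic = member.read(2)
            # True DOS .com programs are flat binaries with no header, so an
            # "MZ" signature marks a modern executable that was renamed.
            is_pe = magic == b"MZ"
            if is_pe and name.endswith(".com"):
                findings.append((info.filename, "PE executable with legacy .com suffix"))
            elif is_pe and not name.endswith(EXECUTABLE_SUFFIXES):
                findings.append((info.filename, "PE executable behind a non-executable suffix"))
            elif name.endswith(EXECUTABLE_SUFFIXES):
                findings.append((info.filename, "executable suffix in mail attachment"))
    return findings


def build_sample_zip():
    """Constructed sample: harmless bytes, only the first two mimic a PE header."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("Rechnung.com", b"MZ" + b"\x00" * 62)
        archive.writestr("readme.txt", b"constructed sample text")
    return buf.getvalue()


if __name__ == "__main__":
    for member_name, reason in flag_zip_members(build_sample_zip()):
        print(f"{member_name}: {reason}")
```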
The use of personal information is designed to set the victim at ease and make the scam more believable.
Symantec warns that this type of attack is likely to increase in the future. Always be suspicious about emails asking for payment and check with the company to verify the validity of the request.
Source: SCMagazine
