Shipping & Parcel Confirmation E-mails Install Trojans

Security researchers at Webroot have pointed to a new attack technique in which
malicious links are sent in disguise of fake parcel announcements and shipping
confirmations.

Andrew Brandt, Threat Expert, Webroot, has claimed that the 'Shipping
Confirmation' malware is gradually rising with the arrival of autumn season that
raises number of online shopping transactions, as reported by SCMagazine on
September 18, 2009.

Brandt has observed an unprecedented rise in the number of trojans presenting
themselves as 'Shipping Confirmation' e-mail messages. In reality, these trojans
are assimilation of backdoors crafted especially to plunder login details and
take control of infected computers.

These e-mail messages inform the recipient that they contain tracking
information that can be taken in a print format for accessing the parcel sent.
However, they are malicious in nature and corrupt systems with Trojans.

If the recipient opens one of these e-mails, then three different backdoors
appear. These backdoors include - Trojan-Backdoor-Progdav (Zeus), one the widely
used backdoors on infected systems; Trojan-Backdoor-Stinkbreath (BredoLab); and
Trojan-Glecia, a keylogger that hijacks computers during browsing and first
appeared in the beginning of this year.

As per the security experts, earlier these types of e-mail scams have presented
themselves as messages from FedEx, DHL, UPS and the US Postal Service containing
details of parcel. The new version of scam appeared to have been directly sent
by an online retailer who has attached files in zip form that contains an
executable with an official document icon.

M86 Security, an online security firm, has propounded that botnet 'Pushdo' is
actively sending these malicious e-mails with bogus parcel notification themes.
These messages come in thousands every day with a zip attachment that presents
itself as invoice or document. The attachment is actually the BredoLab Trojan.

While giving warning to computer users, security experts state that they should
avoid opening any unexpected attachment and should never click on any executable
program attached with an e-mail.

Bad boys running this scheme want to make a fantastic holiday for themselves
irrespective of harm it causes to innocent people.

Related article: Spamhaus’ List Of 10 Worst International Spammers

» SPAMfighter News - 10/12/2009