Contract Spam Pushing Malicious Programs
According to Graham Cluley, a researcher at security software firm Sophos, cyber miscreants are carrying out a fresh spam campaign that serves malware, as per the news published by virus BULLETIN on May 5, 2010.
Reportedly, the attack is significant, with its perpetrators spamming out the harmful messages worldwide. Apparently, these messages carry contracts that the innocent e-mail recipients are required to accept. They display subject lines like "Contract of order fulfillment," "Loan contract," " Rent Contract," "Contract of Settlements," "Record in debit of account," "Open an account," etc.
Also, the standard text of the spam mail, which begins by addressing gentlemen and ladies in general, states that a contract has been prepared for them and that it includes the paragraphs which they wished to see. Legal changes have also been made on the end-page. So once the recipients approve all the offers, the payment related to the initial consignment would be made on Friday, the message explains. Meanwhile, a file attachment containing the so-called contract is enclosed. The e-mail further says that it could also be sent by fax if required and lastly hopes for the recipient's decision.
Says the security firm, anyone reading the message would think it came to the recipient accidentally. So it's likely that many curious users will want to click on the attachment named Contract_01_05_2010.zip. But that'll result in an infection on their Windows PCs, probably from the notorious Koobface virus. According to Sophos, it has identified the embedded malicious program as Mal/Koobface-E and Troj/Invo-Zip.
States the security researchers, these viruses automatically replicate and propagate by copying themselves onto instant messages or e-mail attachments. They may also place themselves onto network shares or inside shared directories for the same purpose, or may spread through software vulnerabilities or backdoors.
Furthermore, according to the researchers, it appears that the sources of the spam mails are botnets, and that an appropriate spam filter can effectively block them. While some e-mails are certainly expected to slip through, proper anti-virus software together with user awareness can prevent these e-mails from doing any damage. Thus, it's recommended that users should keep their anti-virus programs up-to-date and treat unsolicited e-mails with suspicion.
Related article: Contract Killer Spam Scam
» SPAMfighter News - 17-05-2010