Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Resume Spam Mails Lead To Scareware

A newly launched spam mail campaign, pretending to be resume submissions, are being circulated on the Net, telling recipients to click on given attachments containing HTML files, but they actually divert users onto scareware-serving websites, according to Softpedia, which published the news on August 20, 2010.

Displaying the subject line, "Resume," the malicious spam mails carry brief messages such as "Please find attached my CV" or "Attached, please find."

The fake, destructive attachment may appear differently named. Reports AppRiver, a messaging security provider, there is one electronic mail of the kind, which contains a file labeled CV.html. In another instance, MX Lab, an e-mail security vender caught an e-mail disseminating Resume.html. All these HTML files represent plain redirectors; however, they're obfuscated with a JavaScript so they can evade common spam filters.

Thus, if the e-mail recipient views any of the HTML files, the included JavaScript becomes active that in turn diverts him onto a genuine website, although malevolent.

This malevolent site shows a message -"PLEASE WAITING 4 SECOND." And while those 4 seconds run, an iFrame secretly pulls down malware from still one more website with which further malicious software is downloaded and run on the victim's machine.

The objective, all the while, is to trigger a typically bogus anti-virus scan, which sets fake alerts that there is malware on the user's PC so he must download a certain executable file. But that .exe file in reality is a scareware installer that pretends to be an authentic anti-virus. Moreover, it blasts the victim's PC with bogus security warnings related to malware until he willingly spends on security software's license that is actually worthless.

Sadly, people who get victimized with such scams don't just lose their precious funds, but have personal payments cards compromised as well.

Reportedly, from the total 42 anti-virus applications that VirusTotal considers, merely 19 identified the scareware, which the current attackers used, as malicious.

Remarking about this attack, specialists state that it's the first one witnessed during the recent period i.e. the technique utilized together with scareware campaigns, indicating that it's being picked up in other spam runs too.

Related article: Russian Hackers Break into NOAA to Push Pills

ยป SPAMfighter News - 27-08-2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next