Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Spammers Launch Newegg Password Reset Scam

A leading security firm, McAfee Labs, has discovered a new wave of spam. The spam is not only a sophisticated forgery of a Newegg purchase receipt, but there is a sign of botnet attempting to abuse Newegg's password reset system to advance the scam.

According to the reports, in lesser than 1% of cases, the spammers seem to be exploiting the password reset option on the website of Newegg to generate and send emails to the victim, stating that a password reset is required.

In order to continue the scam, a forged Newegg purchase receipt is received by the victim shortly after seeing the genuine password reset notice. In case the recipients are concerned about the account tampering, they may release a quarantined spam message which claims to be a purchase receipt as they feel their accounts may have been compromised.

The spam email imitates the appearance of a Newegg email and forges the RFC 821-received headers to act as if it has originated from the Newegg servers.

In addition, the email comprises an HTML attachment which uses obfuscated JavaScript to forward the victim to a domain attempting to deliver fake anti-virus software or other malware to the recipient's machine.

The security experts have said that there is no confirmation if every recipient of a Newegg spam has got a password reset notification before the spam mail arrived, but a 233% increase in the average mail flow coming from Newegg IP addresses has been tracked.

This spam mail appears to be associated with Cutwail botnet - the second-most prolific botnet in detected infections.

The experts have warned that this is a very powerful scam comprising forgery techniques to fool the victims and other techniques to fool the filters and outright abuse of the Newegg corporate infrastructure to scare the recipients of the infected emails. Although tricks and techniques of this form are not new, the combination of three in one package is not common. Administrators should be conscious of this campaign and inform their users not to be fooled by the purchase receipt.

Related article: Spammers Continue their Campaigns Successfully

» SPAMfighter News - 9/1/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next