Fake E-Mails Serving Virus-Tested Files Contain Malware

Sophos the security company cautions that bogus electronic mails are being spammed profusely providing an attachment that carries malware. NakedSecurity reported this dated August 25, 2011.

Actually, security investigators at Sophos have identified one malware scam presently doing the rounds that's creating havoc. The scam so deceives users that they think the e-mail coming into their inboxes is from the photocopier Xerox's WorkCentre Pro, thus making a potentially persuasive camouflage of modern spammed-out malicious software scams.

Significantly, the security investigators say that today's photocopiers do not simply copy a person's secret documents alternatively notice intoxicated staff's weaknesses during an office party, but even e-mail the documents of that person to him.

The bogus e-mails in question display an attractive caption viz., "Scan from a Xerox WorkCentre Pro #[Number]," while urging recipients to view a given attachment that apparently has been virus-scanned with the help of one Xerox WorkCentre Pro before dispatching it to them. Also, the attachment is named as 'Xerox_Scan_08.23_K1274.zip' or 'Xerox_Document_08.23_C11125.zip.'

Sophos, which found that the electronic mails were spam, has identified the attached content to be Troj/Dload-ID a Trojan virus.

The company's investigators observed that the malicious e-mail campaign was naturally aimed at businessmen who were used to receiving such e-mails.

Meanwhile, Sophos does not state if the spam mails are dispatched from genuine (however hijacked) accounts for in case they do then the spam campaign is likely to be quite effective.

What's more, such e-mails getting sent to accountholders globally aren't something new. During February this year (2011), BitDefender alerted of an unsolicited e-mail containing a file, which was duly scanned, as well as sent from one Xerox WorkCentre Pro scanner. Nevertheless, specifically designed as a PDF file, the attachment managed abusing 4 vulnerabilities within Adobe Acrobat Reader.

However, in the current spam mail, the attachment contains a Trojan installer. Thus Sophos advises end-users to act extremely cautious while viewing unsolicited attachments despite the files at a first glance seeming as being sent from their office building's photocopier.

Besides, running anti-virus software that's maintained up-to-date can also assist in blocking such infections, the security specialists suggest.

Related article: Fake Spam Mail Announces Australian PM’s Heart Attack

» SPAMfighter News - 9/6/2011