Stratfor Customers Once More Targeted with Malicious E-mail Attachment
Cyber-criminals haven't the least ceased applying one social engineering tactic for enticing end-users to their malware scams. Thus Stratfor, a provider of geopolitical analysis on a subscription basis has its customers as the latest target. Attacks against them started when a data-hack was carried out on the company's client database, said Microsoft.
Specifically, spam mails were dispatched with an attachment containing a PDF file called "stratfor.pdf." If viewed, this file exhibits a letter that suggests its reader not to click on e-mails or attachments whose source may seem doubtful, while advises him for scanning all e-mails along with attachments using AV software.
Specifically, according to Microsoft's investigators, the fraudulent electronic mail says that Stratfor's database had undergone a hack that very likely exposed the data online. Therefore it's strongly advisable that consumers avoid viewing e-mails/attachments whose sources are doubtful, while they must run an anti-virus scan on all incoming electronic mails and attachments, the e-mail continues.
Additionally, there's a warning in the message that harmful software is being distributed via Stratfor's website therefore to safeguard one's data the company strictly suggests that users must download certain anti-virus program for examining their PCs for a virus called Win32Azee.
But, upon following the URL link, an alert message from Adobe Reader suggests users to confirm whether they trust the online site. Meanwhile, the file recommended to be downloaded, in reality, represents one Win32/Zbot sample that Microsoft says is PWS:Win32/Zbot.gen!R, while it identifies the destructive PDF file as Trojan:Win32/Pdfphish.A.
So the only harmful element at this juncture is the anti-virus download web-link that's hosted on a server either at Poland or Turkey while it unleashes the ZBot info-stealing Trojan that'll capture victims' financial details, passwords and other personal information.
However, according to security researchers, earlier during January 2012 too, Stratfor's clients got a similar fake e-mail this one posing as a declaration from George Friedman regarding modifications in Stratfor's services like providing for free its premium components when services were unobtainable.
Conclusively, like always, in the current e-mail scam too, random messages should be overlooked while opening attachments or clicking web-links avoided, researchers advise.
Related article: Stration Worm Pretends to be Security Patch
» SPAMfighter News - 18-02-2012