Sophos Detects Spam Mail Scam Involving Fake Wire Rejection
Security researchers from the security company Sophos are cautioning users about false notifications of an abandoned wire transfer, which are reportedly targeting mailboxes across the globe and attempt to dupe recipients into opening a malicious file in an attachment.
According to the company, the malicious e-mail outbreak uses subject lines of varied types, but all of them mention "Wire Transfer Confirmation." A few messages also contain fake reference numbers within their captions, according to the company.
Moreover, each spam mail has an attached file named Wire_AMBAO1-Rejected.htm, which the security researchers identified as Troj/JSAgent-CK.
This file, which is likely to look innocuous to a casual recipient, asks the user to wait a while before being taken to a destination.
The interesting part, however, is the subsequent section of the HTML file's script, which deciphers several numbers embedded in the script; the infected PC then runs the result.
Sophos' researchers unraveled the function of this script and said that an improperly protected computer could be diverted to a compromised Internet site hosted in Russia that harbored the Blackhole attack toolkit, which would instantly infect the machine with malware.
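For mail administrators, the pattern described above (an .htm attachment whose script rebuilds code from a long list of numbers and then runs it) can be flagged statically before delivery. The following Python sketch is an added example, not Sophos' detection logic; the threshold, the list of script sinks and the sample attachment are constructed assumptions.

```python
import re
from html.parser import HTMLParser

# Assumed heuristics for this example (not taken from Sophos' analysis).
MIN_NUMBERS = 40  # a run of this many integers suggests encoded data
SINKS = ("eval(", "document.write(", "window.location", "fromCharCode", "Function(")
NUM_RUN = re.compile(r"(?:\d{1,5}\s*[,;]\s*){%d,}\d{1,5}" % (MIN_NUMBERS - 1))

class ScriptExtractor(HTMLParser):
    """Collect the text of every <script> element in the attachment."""
    def __init__(self):
        super().__init__()
        self.in_script = False
        self.scripts = []
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
            self.scripts.append("")
    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False
    def handle_data(self, data):
        if self.in_script:
            self.scripts[-1] += data

def triage_attachment(html):
    """Flag HTML that pairs a long numeric blob with a dynamic-execution sink."""
    parser = ScriptExtractor()
    parser.feed(html)
    parser.close()
    findings = {"numeric_blob": False, "sinks": [], "suspicious": False}
    for body in parser.scripts:
        if NUM_RUN.search(body):
            findings["numeric_blob"] = True
        findings["sinks"] += [s for s in SINKS
                              if s in body and s not in findings["sinks"]]
    findings["suspicious"] = findings["numeric_blob"] and bool(findings["sinks"])
    return findings

# Constructed sample: the numbers decode to a harmless statement setting the title.
_numbers = ",".join(str(ord(c)) for c in "document.title='constructed sample';" * 2)
SAMPLE = ("<html><body><h1>Please wait</h1><script>var a=[%s];var s='';"
          "for(var i=0;i<a.length;i++)s+=String.fromCharCode(a[i]);eval(s);"
          "</script></body></html>" % _numbers)
BENIGN = "<html><script>var sizes=[1,2,3];document.write('hi');</script></html>"

if __name__ == "__main__":
    print(triage_attachment(SAMPLE))
    print(triage_attachment(BENIGN))
```

A hit is a reason to quarantine the attachment for analysis, not proof of malice, since legitimate pages also embed numeric arrays.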
Meanwhile, commenting on the latest spam campaign, Graham Cluley, Senior Technology Consultant at Sophos, stated that it was necessary to always keep one's computer security up-to-date, i.e. to have the latest version of the anti-virus and operating system and to deploy the most recent software patches. Nakedsecurity.sophos.com published Cluley's statement on July 19, 2012.
Worryingly, according to Sophos' experts, malware-laden spam schemes of this kind have resulted in an increase in malicious programs on the Net worldwide. Supporting this statement are statistics from Symantec's Intelligence Report of June 2012, which states that globally, e-mail-borne viruses accounted for 0.31% of total e-mail traffic, or one such e-mail in every 316.5 messages, during June 2012, representing a rise of 0.04% from May 2012.
Consequently, Sophos urges Internet users to ignore e-mails of this kind and to delete them without opening their attachments or following any web links they contain, so as to avoid falling victim to such malicious scams.
» SPAMfighter News - 25-07-2012