Spam Campaign Targeting Hedge and Private Equity Fund Managers
A researcher at the security firm Barracuda Labs has identified a highly targeted spam email campaign aimed at hedge and private equity fund managers.
The spam email looks as if it has been forwarded a number of times, and apparently has attached to it a document containing details about NYSE (New York Stock Exchange) carried interest fees.
Carried interest is a topic of particular interest to hedge and private equity funds. It can be defined as an accounting process for returning income to funds, and its tax status is a subject of some debate. This is why the email claims to contain carried interest fees: the topic is used to pique the curiosity of financial professionals. Spammers depend on that curiosity to get their malware installed, security experts at Barracuda Labs commented.
Meanwhile, recipients who do not notice that the file in question is an executable and run it are shown a PDF that really does contain the information.
Unfortunately, the PDF is packaged with a keylogger, which silently installs itself on the victim's machine, starts recording keystrokes and sends them to a remote server through FTP.
As the FTP protocol is insecure, Barracuda Labs researchers say that they were able to look at the remote server that receives the files. Each entry in the listing corresponds to keystrokes and files from one of several computers whose owners ran the Trojan.
A Barracuda Labs researcher advised Internet users: "never rely on an attachment in email, even if the mentioned source seems reputable". "In cases like this, we suggest that you first save the attachment and then send it to the virus scanning service virustotal.com". The website runs the attachment through over 40 different malware scanners and returns a report for the attachment from this spam, according to the news published by barracudalabs.com on August 14, 2012.
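A saved attachment can be checked before anyone opens it. The following is an added example, not code from Barracuda Labs or the original article: a Python triage check that compares an attachment's leading bytes with the type its name claims and computes the SHA-256 for lookup at a scanning service. The file names, byte samples and extension lists are constructed assumptions.

```python
import hashlib
import os

# Extensions Windows will execute directly (a small, non-exhaustive set).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
# Extensions a lure typically claims to be.
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt"}

def sniff_type(data: bytes) -> str:
    """Identify the content by leading magic bytes, ignoring the file name."""
    if data.startswith(b"MZ"):
        return "pe-executable"
    if data.startswith(b"%PDF-"):
        return "pdf"
    return "unknown"

def triage_attachment(filename: str, data: bytes) -> dict:
    """Return the content type, SHA-256 and reasons to hold the attachment."""
    name = filename.strip().lower()
    stem, ext = os.path.splitext(name)
    # rstrip() defeats names padded with spaces before the real extension.
    inner_ext = os.path.splitext(stem.rstrip())[1]
    kind = sniff_type(data)
    findings = []
    if kind == "pe-executable":
        findings.append("content is a Windows executable")
        if ext not in EXECUTABLE_EXTS:
            findings.append(f"executable content behind '{ext}' extension")
    if ext in EXECUTABLE_EXTS and inner_ext in DOCUMENT_EXTS:
        findings.append(f"double extension '{inner_ext}{ext}'")
    if ext in EXECUTABLE_EXTS and kind != "pe-executable":
        findings.append(f"executable extension '{ext}'")
    return {
        "type": kind,
        "sha256": hashlib.sha256(data).hexdigest(),
        "findings": findings,
        "hold": bool(findings),
    }

# Constructed sample inputs: only the leading bytes matter to the check.
SAMPLES = {
    "NYSE carried interest fees.pdf.exe": b"MZ\x90\x00" + b"\x00" * 60,
    "fund_report.pdf": b"%PDF-1.4\n%constructed\n",
    "statement.pdf": b"MZ\x90\x00" + b"\x00" * 60,
}

if __name__ == "__main__":
    for fname, blob in SAMPLES.items():
        print(fname, triage_attachment(fname, blob))
```

A clean result only means the name and the content agree; the file still goes to a scanner, as the researcher advises.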
In a nutshell, this is not the first time that a financial issue has been exploited by spammers to con Internet users. In May 2012, cybercriminals came up with a new way of fooling unsuspecting bank customers into handing over their funds. They promoted shady insurance that offers protection against losses from online banking fraud, Trusteer revealed.
» SPAMfighter News - 24-08-2012