Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

BitDefender Cautions Employees about Spam Mails

BitDefender the security company cautions office employees that they require being watchful of e-mails, which seemingly contain one confidential message meant for them alone. Specialists at the company inform that these e-mails have been crafted for disseminating certain malware that filches user passwords.

Bearing the caption "To all Employees - Confidential Message," the fake electronic mails look like they're dispatched through DocuSign.

They tell receivers that they can find their completed dossier by taking it down from a given attachment labeled "Please DocuSign this document: To All Employees 2013.pdf."

The e-mail spammers also try to make their e-mails appear more genuine, so they include that the document consists of details that are secret as well as proprietary to [organization moniker.

Security specialists who studied the spam campaign discovered that there was in fact one password stealer in the document which garnered passwords associated with various e-mail clients as also those that Web-browsers saved in connection with different websites.

The malware given the name Trojan.Generic.KD.834485 as well garnered account details associated with port numbers, server names, FTP clients, login IDs as well as cloud storage modules. Once garnered, the entire data would subsequently get uploaded onto distant servers. Also, a few malware samples might pull down as also run more malicious programs like ZeuS/Zbot onto the hijacked computers.

Additionally, the Trojan made access to other PCs on the network with trials of a maximum used password list.

However DocuSign, which knows about the ongoing spam outbreak, has alerted end-users of it, while suggesting that they shouldn't view attachments within electronic mails posing as the service's communication. Instead they should forward the messages at spam@docusign.com for conducting forensic investigations of the same.

DocuSign further posted that it kept on robustly investigating the spam attack while was in joint task with organizations of law enforcement for adopting additional measures. It added that the service didn't hold user information for sale for intermediate parties.

Ill-intentioned intermediate parties frequently acquired e-mail ids via scanning online, buying lists, followed with deceptively harvesting personal data through means of phishing with spam mails, telephone calls, else fraudulent websites, DocuSign explained.

Related article: BitDefender Releases March Malware List

ยป SPAMfighter News - 28-01-2013

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next