GFI Labs Warns of Fake E-mails Victimizing Subscribers of British Telecom
GFI Labs experts have recently warned users about fake e-mails circulating in the name of British Telecom, popularly known as BT, a British multinational telecommunications services company headquartered in London, United Kingdom.
The fake delivery notices, titled "BT Business Direct Order," carry a message confirming that the order was dispatched on Wed, 23 Jan 2013 02:43:49. The message adds that unless the user has chosen next-day or another premium delivery service, the order will take 1-3 days to arrive, and that if it is dispatched through Letterpost, delivery would take a little longer.
To make the malicious e-mail sound authentic, it also states that the order might have been shipped in different boxes, which means that separate consignment numbers might apply.
At first glance the e-mails look genuine, but the attached HTML file directs victims to Russian hosts serving the BlackHole exploit kit.
The exploit kit probes the user's system for security holes, and the vulnerabilities it finds are used to deliver the Cridex malware.
Sadly, it is these types of malicious e-mail campaigns that boost malware campaigns over the Internet, security experts affirmed.
To reduce the chances of falling prey to fake e-mail campaigns of this kind, users are advised to keep their OS and software updated and to avoid clicking on links contained in unsolicited e-mails. Users are also advised to avoid opening any unsolicited e-mails.
Furthermore, this is not the first time that BT has been targeted by cyber crooks. Back in October 2012, security firm Webroot also found that cyber crooks had spamvertised millions of e-mails targeting BT's Business Direct customers, in an attempt to trick users into executing the fake attachments that came with the e-mails. Once executed, the malware, detected as Trojan-Ransom.Win32.Gimemo.ashm, allowed the cybercriminals behind the campaign to gain complete access to the affected host.
» SPAMfighter News - 04-02-2013