Spammers Execute Attacks Serially for Compromising Internauts’ PCs, Cautions Dancho Danchev
Dancho Danchev, Security Blogger and Cyber-Crime Researcher at Security Company Webroot warns that several spam mail attacks are being launched that so dupe Internauts that they voluntarily and unknowingly download malicious software onto their PCs, published softpedia.com dated July 11, 2013.
One of the attacks that distributes fake notifications with subject line "Your Booking Reservation at Westminster Hotel" tell recipients about so-called booking done at the hotel for them.
Actually, spammers cash in on users who wanting to know everything regarding the room reservation are likely to hasten for viewing a given attachment that actually contains one fresh sample of Trojan-PSW.Win32.Tepfer.
Only 6 anti-virus scanners from the total 47 of VirusTotal have been able to detect this Trojan.
The threat links up with certain command-and-control (C&C) infrastructure which has been utilized to launch scams related to Vodafone also.
Another spam attack, which Danchev spotted, informs possible victims that there's one "export license as well as payment invoice" which they have got. The fake e-mails then request the users to open an attachment containing the item, while inform that the residual payment has been dispatched the day before.
But if this attachment is opened, Internauts will have their computers mechanically added to a botnet, which the attackers operate.
VirusTotal's 26 AV scanners from the total 46 identified the malware loaded onto infected PCs as HEUR:Trojan.Win32.Generic or PWS:Win32/Zbot.gen!AM, observes Webroot.
Worryingly, it's because of the above kinds of spam mail attacks, which's causing an increase in spam, online that fell dramatically during 2012, remark security researchers of Webroot. As a backing to this remark, AppRiver's recently released data within the security firm's 'Global Threatscape Report" of mid-year 2013 shows that by June this year (2013), there was a twofold increase in spam traffic over that of January 2013.
However, for remaining safe from the above malware laced junk e-mail scams, users are advised not to click on attachments as well as web-links which maybe inside the messages. Rather they should wholly delete such unsolicited electronic mails. Moreover, it's important for maintaining one's anti-virus software up-to-date all the time while all security loopholes plugged.
» SPAMfighter News - 22-07-2013