Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Malware-Laced E-mails Circulating Mentioning Bogus Document Approval

According to security researchers, malware-laden e-mails titled "ACTION REQUIRED: A document has arrived for your review/approval {Document Flow Manager)" have been detected circulating online, published softpedia.com dated December 9, 2013.

Apparently arriving from certain billing agent else supplier, the bogus e-mails tell recipients that only the designated person should read the current e-mail, which's likely to have proprietary, privileged, alternatively private information. In-case the user has got it by mistake he's requested to inform the sender right away before erasing the message wholly. The recipient is prohibited from utilizing the e-mail for any other purpose.

The e-mail continues that an invoice's record, which is attached, couldn't be processed. Therefore, the recipient is requested to help the sender solve the causes for the mentioned rejection, the e-mail states at the end.

The notification gives the sum as nearly $10,000 (EUR 7,000).

Meanwhile, the electronic mail isn't any communication whatsoever originating from any billing agent else genuine supplier. Besides, there isn't really any invoice inside the attachment rather the attached zipped archive carries one malevolent executable called .exe file, security analysts assert.

Running this executable only leads to malicious software getting planted onto the victim's PC, while the malware characteristically digs at sensitive data on the infected system as well as establishes communication with cyber-criminals-operated remote servers.

Further, for sounding slightly more credible, the e-mail resorts to phony record ID, invoice as also document numbers. It further designs one phony "Supplier" URL with the help of domain name that is displayed within recipient's e-mail id. The scammers rest on the hope that some recipients if not more will believe the e-mail and its hugely valued invoice such that they'll rush to view the attachment as also subsequently run the executable.

The researchers state that the above electronic mails have been in circulation starting February 2013 if not earlier when Cisco the security and networking company warned about them. Right now the scam seems as yet active, they state additionally.

Therefore, Internauts are recommended to remain vigilant about any unsolicited e-mail which directs for clicking/opening any web-link/attachment like within the above stated instance, security researchers conclude.

ยป SPAMfighter News - 12/16/2013

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page