Scam E-mails Targeting LogMeIn Premium Users, Warn Security Experts
According to security researchers, LogMeIn users should be wary of cyber-criminals who're sending them one bogus bill, in reality tainted with malware, reported softpedia.com dated July 4, 2014.
It maybe noted that established in 2003, LogMeIn is located within Boston, Massachusetts to trade on SaaS services having cloud environment, for example remote connectivity, as well as support software for use by consumers and businesses.
Incidentally, recipients of the fake e-mail think the latter arrived from the automatic message generator of LogMeIn, while the header indicates a bill related to the service as being included in the e-mail. Recipients are told they must pay the pending Pro-subscription fee in connection with the service (a date for the payment is mentioned) and that a bill is available for the same.
The fees mentioned is EUR347/USD473 that the regular subscriber may find pretty huge, but then it doesn't raise any doubts for an organization which bought one LogMeIn license spanning 1-yr for 10 PCs.
Moreover, for creating additional trust among the end-users in the e-mail's authenticity, a web-link is provided apparently leading onto LogMeIn's support web-page as also onto the so-called URL for the online bill.
But, neither link works, while it becomes essential for the end-user for pulling down the bill from a given attached file that's in zipped form.
The file labeled as lgm_payment_invoice.zip isn't any bill or payment receipt, however, certain file which carries a virus called lgm_payment_invoice.pif.
Consequently, security experts caution people not to view attachments that contain files having '.rar' or '.zip' extensions except if such files are already expected. For, cyber-crooks are appending viruses to WinRAR else Zip archives so they can evade virus scanners.
Incase anyone views the above described malicious file it'll contaminate his PC with a Trojan virus thus giving the scammers remote access and hold over the tainted PC. They'll then possibly spy on that user, filch his financial and other personal data, alternatively, utilize his machine for committing more cyber-crimes.
However, for those users who may've already clicked on the compressed archive, it's suggested that they execute an entire scan of their PCs using an active AV.
» SPAMfighter News - 14-07-2014