E-mails Targeting Corporate Executives Pose as DoJ Complaint

Security experts are warning that two different kinds of e-mails were launched on November 19, 2007 that target specific corporate executives.

The first type of e-mail was delivered to 400 or more people at various financial institutions. It poses to be from the federal Department of Justice making a complaint against the company where the recipient is employed, MessageLabs warns.

The e-mail urges the recipient to click the attached document containing the complaint. However, on doing so, it installs an active Trojan downloader that infects the user's machine. The main targets of the attack were senior executives working in credit unions and banks. The e-mails show subject line that has the full name of the recipient.

Senior Analyst Paul Wood for MessageLabs said in a statement that perhaps the crooks want to gather sensitive information, such as about acquisitions and mergers. The computers could be also holding discussion reports on company's intellectual property. SCMagazine published Wood's statement on November 20, 2007.

It could also be possible that the miscreants find it easy to hunt information about the executives than a common employee and therefore, they use the social engineering tactic to target them.

At Websense Security Labs too, researchers reported that spammers were sending e-mails that contained a '.scr' file as an attachment. This e-mail, however, claims to be a complaint from the DOJ.

The e-mail entices recipients to click the attachment containing the complaint, which ends up downloading a Trojan. The document is a Rich Text Format that carries a PDF file hiding a malicious executable.

The increase in targeted e-mails on specific individuals has been one of the gravest concerns of security experts. Such types of attacks are more difficult to detect compared to phishing attacks that send mass e-mails. Also, they have greater chances of being acted on as they specify the recipient by including his/her name and designation.

Such attacks had occurred in June and September 2007 as well. In June 2007, senior executives were targeted with a fake invoice. In September 2007, 1,000 senior officials received messages with an executable file embedded in a Word attachment.

Related article: E-Crime Reporting Format To Be Launched in July

» SPAMfighter News - 12/3/2007