New Phishing E-mail Drops Trojan

Internet security researchers at Sophos Labs have said that a Trojan is spreading widely through e-mails, notifying recipients that their accounts have been deactivated. Besides, indicated with the words "mailbox utility," the malware appears dangerous.

The phony message states that an abnormal operation was detected in the recipient's mailbox; consequently, his e-mail account has been pulled out of operation. However, the account can be restored via extracting as well as executing a file attached as "mailbox utility," the message continues.

While the attached file is condensed as 'utility.zip,' the researchers warn users not to unzip it and execute its program since it is loaded with the Mal/EncPk-LP Trojan malware.

Moreover, the e-mail seems as if it has come from the recipient's own field of e-mailing. As a result, it increases the chances of the person following the instructions and thereby becoming a victim of insidious attempts.

Remarking about this point, security specialists stated that the attack was clever in the way it used social engineering tactics.

Moreover, the Sophos researchers said that they had observed the tactic earlier as well. It posed as a message from the recipient's e-mail administrator, and since it worked rather effectively, its application continued. Users get panic in case they got the hint that they might be cut off from the Internet through the suspension of their e-mail and so rushed to click without thinking if the attachment might contain malicious software, the researchers explained.

According to security specialists, impersonating official sources and websites to trick users into revealing personal information, a practice that is called phishing, has reached its present stage right from the "Nigerian 419 scams," which widely used the technique.

Present day phishing is getting more and more hazardous since the attacks' sources of origin can be varied, state the specialists. Further, phishing e-mails are designed to contaminate computers using malicious programs and this is another method to seize victims' financial and other sensitive personal information, with the Clampi and Zeus trojans being the common payloads in use, they warn.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 11/25/2009