.HTML Spam Return With Different Theme Attachment

Researchers at security company 'Sophos' have just found a cyber attack that uses an .html attachment, but with a difference. They say that spammers are distributing malicious e-mails embedded with such a file attachment. .html spam campaigns were associated with Facebook password resetting tasks, the FIFA World Cup and Skype.

A very interesting fact regarding these attacks is that their structure is somewhat similar. They arrive through e-mail lacking a text message, but contain an .html file as an attachment for potential victims.

The researchers detected one such e-mail in the spam run, which shows the caption "adultfriendfinder new messages," as well as contains an attachment named adultfriendfinder.html.

Graham Cluley, Security Expert at Sophos, notes that his organization identified the attached file as Troj/JSRedir-BO, as reported by PC1News on June 21, 2010.

The security company explains that Troj/JSRedir-BO is a piece of malware, which diverts users to more malware sites. It also harms the Windows operating system. Often, this malware serving site seems as the Canadian Pharmacy website promoting and marketing drugs over the Internet.

However, victims should also know that there are other annoying things besides being diverted to Canadian Pharmacy website. Elaborating on that, Cluley further says that as users land on the online drugs site, an exploit can strike them and attempts to deploy a booby-trapped PDF file as well as infect them with a contaminated .exe file through certain malicious Java codes.

Meanwhile, it is possible that users will get an unsolicited, junk e-mail in their mailbox that uses a romantically-themed subject and provides an attachment named "loveletter.html."

Moreover, it is worth noting that these spam mails may have varied subject lines like "I Want U," "An Example of Love," "Thankful for Everything, "A Near Year for Us" and several others.

Eventually, security specialists recommend that online surfers should maintain caution regarding what files they open on their PCs, particularly if they appear suspicious like in the above case. Besides, it is important to always maintain their AV software up-to-date and include all the latest security patches, thereby ensuring that their computers are protected from malware.

Related article: “Loopholes did not cause online banking thefts”: ICBC

» SPAMfighter News - 6/30/2010