Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Spam Mails Claiming as Payment Request Notices Divert onto Malware

A warning has been issued to Internet-users during the 3rd week of July 2010 that a new scam is distributing malware and spam while pretending to be a payment request from the auction site eBay, harming computers as well as mobile devices.

State researchers at Sophos the security software firm, the trick involves dispatching an uninvited electronic mail having the caption "Payment request from" and a fake return e-mail ID eBay@reply1.ebay.com.

Said senior technology consultant Graham Cluley at Sophos, all the e-mails had an empty message body, although they displayed a file attachment named "form.html." ESecurity Planet published this on July 13, 2010.

Cluley further said that the e-mails had a treacherous social engineering ploy. Many people surprised at the request made would feel curious to know the whole story behind it so they might view the attachment, he added.

But once viewed, the attached file, which the security firm identified as Troj/JSRedir-BV, diverts users onto a just hijacked legitimate website that carries a malware called Mal/Iframe-Q.

Interestingly, this attack has dual parts. First it tricks users to visit an ordinary Canadian Pharmacy spam website, while creating an illusion that nothing really harmful occurred.

Nonetheless, an invisible Iframe of malicious nature connects to an intermediary website and installs a malevolent code. This code quietly downloads and runs malicious software on the PCs visiting the pharmacy site.

Incidentally, these assaults are called drive-by downloads and in the current one, a variant of Zeus/ZBot is pushed. Zeus is a kind of PC Trojan, which typically captures Internet banking credentials as well as other financial data.

Meanwhile, although the current fraudulent eBay campaign is wholly novel, it isn't the sole scam that's based on a brand while using a socially-engineered malicious program. States Cluley, Sophos has witnessed some other recent e-mail campaigns having malicious HTML attachments that were based on Facebook porn, Facebook password modifications, Adult Friend Finder, Skype payment problems, and Skype purchases and romantic interest.

Ultimately, the security specialists recommend businesses and consumers that they must have the latest version of anti-spam filters on their computers, and also forgo clicking uninvited attachments and e-mails.

Related article: Spam Scam Bags a Scottish Connection

ยป SPAMfighter News - 7/24/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page