BitDefender Cautions Employees about Spam Mails

BitDefender the security company cautions office employees that they require being watchful of e-mails, which seemingly contain one confidential message meant for them alone. Specialists at the company inform that these e-mails have been crafted for disseminating certain malware that filches user passwords.

Bearing the caption "To all Employees - Confidential Message," the fake electronic mails look like they're dispatched through DocuSign.

They tell receivers that they can find their completed dossier by taking it down from a given attachment labeled "Please DocuSign this document: To All Employees 2013.pdf."

The e-mail spammers also try to make their e-mails appear more genuine, so they include that the document consists of details that are secret as well as proprietary to [organization moniker.

Security specialists who studied the spam campaign discovered that there was in fact one password stealer in the document which garnered passwords associated with various e-mail clients as also those that Web-browsers saved in connection with different websites.

The malware given the name Trojan.Generic.KD.834485 as well garnered account details associated with port numbers, server names, FTP clients, login IDs as well as cloud storage modules. Once garnered, the entire data would subsequently get uploaded onto distant servers. Also, a few malware samples might pull down as also run more malicious programs like ZeuS/Zbot onto the hijacked computers.

Additionally, the Trojan made access to other PCs on the network with trials of a maximum used password list.

However DocuSign, which knows about the ongoing spam outbreak, has alerted end-users of it, while suggesting that they shouldn't view attachments within electronic mails posing as the service's communication. Instead they should forward the messages at spam@docusign.com for conducting forensic investigations of the same.

DocuSign further posted that it kept on robustly investigating the spam attack while was in joint task with organizations of law enforcement for adopting additional measures. It added that the service didn't hold user information for sale for intermediate parties.

Ill-intentioned intermediate parties frequently acquired e-mail ids via scanning online, buying lists, followed with deceptively harvesting personal data through means of phishing with spam mails, telephone calls, else fraudulent websites, DocuSign explained.

Related article: BitDefender Releases March Malware List

» SPAMfighter News - 1/28/2013