Spam Mail Campaign Tricks with Wedding Invitation Bait

Cyber-criminals don't ever appear drained off ideas towards tricking Internauts and making them install malicious programs, warns ThreatTrack Security Inc., a security company. A most recent malware-distributing spam mail campaign requests the e-mail's recipients to attend certain marriage function that White Wedding Agency supposedly organized, the agency known to be a Prague-based enterprise.

Titled "Wedding Invitation" else "Wedding Invite" the spam mail addressing recipients tell that they're cordially invited for attending one wedding ceremony to be held on 29th March at 4PM which will lead to a reception party. The entire text for the invitation is given in a web-link embedded on the message, the e-mail states.

But when this web-link is clicked, a zipped file is served which is harbored on one hijacked site. There's a file inside the zipped folder which apparently is an innocuous Word Doc.

Nonetheless, actually it is one executable, which releases Trojan.Win32.Kuluoz, security researchers from ThreatTrack outline. This Trojan can pull down more malware from the Web onto the contaminated computer. The latest Kuluoz variant pulls down fake anti-virus programs, often WinWebSec, the researchers additionally state.

Disturbingly, it's because of the above kinds of spam mail schemes which are resulting in an increase in junk e-mails online, remark ThreatTrack's researchers. Their remark received the backing of Kaspersky Labs' statistics published within its February 2013 Spam Report that shows that spam within the total e-mail increased 12.8% from January 2013 while accounting for a 71.1% mean figure.

However, for remaining safe from Kuluoz, specialists at ThreatTrack suggest Internet-users towards ensuring their AV software is up-to-date with the most recent signature-definitions so malware can be better spotted and erased else isolated. Further they should remain extremely cautious about e-mails entering their inboxes. Accordingly, no web-link must be clicked if it comes via unsolicited e-mails, particularly ones which purport to be from common airlines, delivery services, or wedding organizers too, since cyber-criminals frequently use such socially engineered e-mails as lures for trapping unwary end-users. A good advice is for becoming familiar with these baits for eschewing probable contaminations by this or any malicious program in future, ThreatTrack's researchers conclude.

Related article: Spam Scam Bags a Scottish Connection

» SPAMfighter News - 4/4/2013