Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Malware Peddlers Exploit Starbucks’ Name in New Malicious Campaign

According to Kaspersky the security company, cyber-criminals are exploiting the name of Starbucks the coffee chain popularly visited worldwide as they run a new campaign of malware distribution.

The assault involves one phishing e-mail displaying a subject line "Starbucks Coffee Company gift from your friend."

Kaspersky Labs, which spotted the fraudulent electronic mail, described the message as asserting that the recipient's friend, some hours back, had placed an order in the recipient's favor so he could enjoy an exclusive event at one of the Starbucks coffee stores. Wanting to keep his name secret, the friend was inviting people while the unique menu's details were being provided in an attached file. The e-mail ends by wishing that the recipient would experience a splendid evening.

A number of tricks have been utilized so the crooks may convince the targeted users that they have got an authentic e-mail, which is so important that they should read it immediately as well as download and open its attachment. Accordingly, Starbucks' logo is included, the option namely "High Importance" is enabled, and a freebie is offered i.e. the anonymous friend's gift to the e-mail recipient.

Now Starbucks does have a system of letting customers make orders by which to gift close associates, however, the current e-mails are not related to the coffee shop. The style of writing in the message clearly suggests the e-mail is illegitimate. Moreover, the sender's id in the false invitations shows Gmail and Yahoo e-mail ids rather than Starbucks'.

Furthermore, the attached file has an .exe extension, suggesting no effort was made for obscuring it via giving it a twin filename extension or compressing it in a zipped folder.

The attachment that Kaspersky identified contains a file namely Rootkit.Win32.Zbot.sapu, certain variant of ZeuS (Zbot) a highly infamous spyware family that helps filch confidential data. The current Zbot variant plants a rootkit namely Rootkit.Win64.Necurs alternatively Rootkit.Win32.Necurs that disables security software such as anti-virus programs.

Thus, advises Kaspersky, anyone who may've been victimized with the above attack should make his anti-virus up-to-date as well as execute one complete system scan for ensuring his PC isn't contaminated.

» SPAMfighter News - 4/25/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page