The Latest in IT Security

Bogus Windows License Spam is in the Wild

24
Oct
2012

For everyone’s information:

Below is a screenshot of a new spam run in the wild, and the sender (whoever he, she, or it is) presents to recipients a very suspicious but very free license for Microsoft Windows that they can download.

Sounds too good to be true? It probably is.

click to enlarge

From: {random email address}
Subject: Re: Fwd: Order N [redacted]
Message body:
Welcome,

You can download your Microsoft Windows License here –

Microsoft Corporation

Clicking the hyperlinked text leads recipients to a number of .ru websites hosting the file, page2.htm (screenshot below), which contains obfuscated JavaScript code that loads the Web page fidelocastroo(dot)ru(colon)8080/forums/links/column(dot)php.

click to enlarge

This spam is a launchpad for a BlackholeCridex attack on user systems.

This method is likewise being used by the most recent campaign of the “Copies of Policies” spam, also in the wild.

Our AV Labs researchers have documented their findings in detail regarding these spam runs on our GFI Software Tumblr page. Please visit www.gfisoftware.tumblr.com.

Stay safe!

Jovi Umawing (Thanks to the GFI Labs team)

Leave a reply


Categories

SATURDAY, OCTOBER 21, 2017

Featured

Archives

Latest Comments

Social Networks