The Latest in IT Security

CryptoLocker: Please Kindly Find Our New PO

22
Nov
2013

Yesterday’s CryptoLocker post mentioned that it’s spreading via spam. It’s actually a spam campaign that installs an intermediary, and then CryptoLocker is installed. But in any case, the first link in the chain that results in a CryptoLocker infection is spam.

And here’s a fresh example of the message being used: “Please kindly find our new PO per attachment. Could you provide your PI for confirmation. Our Order file is password protected and can be opened/accessed with password: TRADING”

CryptoLocker, Spam
Image source: @davidmacdougall

The company from which the message claims to be from (blurred in the example above) is of course an innocent bystander whose good name is being abused as part of this scheme.

Note that the attachments are password protected. This allows the threat to bypass gateway security measures. If you’re an information security manager, don’t take it for granted that the people in your organization know not to open attachments.

Leave a reply


Categories

THURSDAY, MARCH 28, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments