The Latest in IT Security

GFI Labs Email Roundup for the Week

19
Nov
2012

Good Monday morning, dear Reader!

Without further ado, here is the roundup of email threats for November 12 to 16.

  • “Congratulations! You and {random name} are now connected!”

    click to enlarge

    This is a spam that purports to have originated from LinkedIn. Once users click any of the links on the message body, they are directed to a website that exposes them to a BlackholeCridex infection. Details here.

  • State of PayPal Account Modification.

    click to enlarge

    Same as the previous spam, this also leads to a Blackhole-Cridex system infection. Email details here.

  • Suspicious Cancellation of American Express Transaction.

    click to enlarge

    This spam targets American Express users, informing them that their money transfer has been aborted for undisclosed reasons. Recipients who click any of the links find themselves infected with Cridex, provided the Blackhole exploit kit has found an unpatched software on their system. Details here.

  • Fake Verizon Email are Making Rounds Again.

    click to enlarge

    If you’r a Verizon user, look here. If you click the URL to manage your account, you’ll be infected with Zbot, a popular information stealer.

  • Bogus AmEx Spam Encourages You to Check You Fiscal Transaction Statement.

    click to enlarge

    Of course, one can easily fall for this tactic if they see the slick looking email above; however, extra caution is advised. The links on the email lead to websites where the Blackhole exploit can take advantage of vulnerable software on your system. More here.

  • DHL Failed to Deliver Your Parcel. Or so It Says.

    click to enlarge

    Recipients of this spam are enticed to download a postal receipt that they can use to claim an “undelivered parcel.” This, however, leads to the download of a fake AV instead. Details here.

By familiarizing yourself with the social lures and tactics used by cyber criminals who employ emails to catch their prey, you are more than likely to avoid them and, in turn, warn others about what these threats are. Prevention, after all, is as important (if not more) than remediation.

Stay informed!

Jovi Umawing

Related posts:
  1. Bogus Windows License Spam is in the Wild
  2. AVG Web Threat Update: Week 16
  3. The Friday Scam, Spam and Malware Roundup
  4. Be on the Lookout for Email Scams Targeting Facebook Users
  5. Skype Voicemail Spam leads to Blackhole / Zeus Attacks

Written by GFI Labs blog
0 Comments

Leave a reply


Categories

TUESDAY, APRIL 16, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments