Tag: Spam

PayPal Phishing – HTML Attachment

Got a another phishing email today. The email came to an email I have registered to a PayPal account so it instantly caught my eye. I logged into my PayPal account using the correct URL, all is well. So this is obviously another phishing attempt, but not the typical kind. Typical message content, but they […]
Continue reading...

Bredolab and FakeAV spread again with spam emails

We noticed in the past week a new wave of spam emails that contain a file attached in ZIP or RAR format that is used to spread the dangerous trojan Bredolab and the setup files of rogue security software (FakeAV). In some emails we have found a file attached with extension PDF that is used […]
Continue reading...

Spam emails Cartoline.exe spread Spy.Banker Trojan

In recent days we have registered a new wave of spam messages with subject as “Cartoline” that looked like to come from virgilio.it, and that contained a link that appeared to redirects the user to legitimate sites such as cards.virgilio.it. After analyzing the HTML in the message, we noticed that the link could redi...
Continue reading...

C’e’ una Cartolina per te! = Backdoor.IRC.Zapchast

We have noticed new waves of spam messages, this time in Italian language only, that promote the message “Happy Easter” and contain malicious links that redirect the users to download a file named BuonaPasqua.gif.exe, detected as Backdoor.IRC.Zapchast and it looks like to be an ircbot. Email headers: Sender: Cartolin...
Continue reading...

Mabezat worm and winmail.dat are back again

We have noticed in the past week a new wave of spam emails containing a file attached named, in all the cases, as winmail.dat. The attached file is, in real, a rar archive and it has extracted a file named Readme.doc .exe: Some of the subjects of the emails are: MBA new vision Web designer […]
Continue reading...

You have received an eCard = Zeus Trojan

We have detected a new wave of email messages that contain a ZIP archive attached named ecard.zip and that in real it is a malware and it contains the dangerous Zeus Trojan, that is commonly used to steal bank accounts. The file extracted from the ZIP archive is named ecard.exe: Report date: 7.2.2010 at 13.08.05 […]
Continue reading...

Bredolab trojan spreading through DHL scam emails

Recently we have noticed various spam emails that claim to be from DHL Customer Service with attached a .zip file named DHL_Label_1ae0a.zip of approximately 24 KB of size. The file extracted from the .zip archive is an executable file: Report date: 2.2.2010 at 20.58.00 (GMT 1) File name: DHL_Label_1ae0a.exe File size: 30208 byte...
Continue reading...

Massive phishing scam emails against Maybank Malaysia

We have recently counted more than 50 scam emails that contain very dangerous links used for phishing attacks against the Maybank of Malaysia. Below there are some examples of subjects used in the scam emails: Subject: Important Update Subject: Security Check Subject: Update your profile Subject: Urgent Notice Subject: Profile u...
Continue reading...

Spam Campaigns using underscore char to mask links

Recently we posted an article where we talked about how spam campaigns using the character of the space to mask the malicious links, it’s now the turn of the underscore character. In recent days we have registered more than 800 spam messages that mask the links with the underscore character to bypass some antispam filters....
Continue reading...

Spam Campaigns using space char to mask links

A new wave of spam relating to the promotion of pharmaceutical products has flooded our emails. The new technique used by spammers to bypass antispam filters is to insert spaces in the string of the link that is spammed, which is in such a way that is not recognized as a url and it is […]
Continue reading...