Tag: Spam

Spam Campaigns go for RTF Documents

A new spam strategy is in the wild. We spoke on a recent article that spammers were using a new trick to bypass anti-spam filters by adding the text on an image and send the image attached as file. Now it seems they changed from image to RTF document: The attached file contains a redirect […]
Continue reading...

New spam strategy in the wild

Recently we noticed a big archive of spam messages related to selling various pharmacy products. But something was different from the old spam messages… no http links were present in the message. The surprise was attached in .gif or .jpg or .png format:
Continue reading...

Worm.Win32.Mabezat – problem winmail.dat

We have received a new spam email with the subject named problems from an unknown sender. In the email there was a file attached named winmail.dat Below there is the message of the email: When I had opened your last email I received some errors have been saved in the attached file. Please inform me […]
Continue reading...

Massive phishing scam emails against Poste Italiane

We recently received a lot of phishing emails used by attackers to steal Poste Italiane accounts by redirecting victims to a malicious website that looks as the Poste Italiane homepage. Despite this, the user who will insert its details will be victim of a phishing attack and is highly suggested to change its username and [&hell...
Continue reading...

Massive Storm_Worm E-Cards and Postcards Spam Emails

These days seem to be very havy the email-spreading of email worms (possible Storm_Bot), in 2 days we received about 20 emails and were all related to postcards and e-cards with attached a ZIP file with name as postcard.zip or e-card.zip. Today we received more than 10 spam emails with attached a ZIP file in […]
Continue reading...

Email Thank you for your application = Virus

We received a new email that contains a suspicious ZIP file named copy of your application.zip. The email looks like the same family of the previous Hallmark and fake Job CocaCola emails. The extracted file use the same trick as all the other spam emails, it add 8+ characters of space after the first extension […]
Continue reading...

PROHIBITED_MATRIMONY.rar Spam = Worm.Win32.Mabezat

We have recently received an email that contains a ZIP archive named: PROHIBITED_MATRIMONY.rar The subject of the email is: ABOUT PEOPLE WITH WHOM MATRIMONY IS PROHIBITED The file extracted from PROHIBITED_MATRIMONY.rar is named Readme.doc.exe and note that it has the double extension to trick the user to think that it is a norm...
Continue reading...

Promemoria eBay per oggetto non pagato numero

We received again new false eBay emails that redirects the user to visit a webpage that is used to steals the user’s eBay account with a false webpage, similar to the original eBay homepage, that save the logi account typed by the user and send the sensitive data to the attacker. Message Promemoria eBay per […]
Continue reading...

Hallmark E-Card and IKEA Fake Emails = Storm Bot

Today I received again an email from Hallmark E-Card with a suspicious ZIP file attached and with the following message: A file named, as always, postcard.zip and of less than 200 KB. If we extract the ZIP file, we see a new file with an extension as .SCR and with a filename length of more […]
Continue reading...

Christmas Postcard Spam and Trojan.Win32.Waledac

Steve sent me a sample of malware classified as Trojan.Win32.Waledac that he has received in some Christmas Postcard Spam emails with following subjects: Merry Christmas and best wishes just for you Merry Christmas 2009! A super Xmas card for you Merry XXXmas! You’ve got a Merry Christmas greeting e-card I made this e-card...
Continue reading...