August 30, 2012 By Dancho Danchev

Cybercriminals spamvertise PayPay themed ‘Notification of payment received’ emails, serve malware

Cybercriminals are currently spamvertising millions of emails impersonating PayPal, in an attempt to trick PayPal users into executing the malicious attachment found in the emails.

Using ‘Notification of payment received‘ subjects, the campaign is relying on the end user’s gullibility in an attempt to infect them with malware. Once executed, it grants a malicious attacker complete control over the victim’s PC.

More details:

Sample screenshot of the spamvertised email:

The malware has a MD5: 9c2f2cabf00bde87de47405b80ef83c1 – detected by 33 out of 42 antivirus scanners as Backdoor.Win32.Androm.fm; Worm:Win32/Gamarue

This isn’t the first time that we’ve profiled PayPal themed malicious campaigns. Go through the following posts to catch up with some of our research regarding related campaigns:

Webroot SecureAnywhere users are proactively protected from this threat.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Share Button
0 comments

Trackbacks

  1. […] of the notification Webroot is available here. Share this:TwitterFacebookLike this:LikeBe the first to like […]

  2. […] Cybercriminals spamvertise PayPay themed ‘Notification of payment received’ emails, serve malwar… […]

  3. […] Cybercriminals spamvertise PayPay themed ‘Notification of payment received’ emails, serve malwar… […]

true