October 23, 2012 By Dancho Danchev

PayPal ‘Notification of payment received’ themed emails serve malware

Sticking to their proven tactic of systematically rotating the impersonated brands, cybercriminals are currently spamvertising millions of emails impersonating PayPal, in an attempt to trick its users into downloading and executing the malicious attachment found in the legitimate-looking email.

More details:

Screenshot of the spamvertised email:

Detection rate for the malicious archive: MD5: 9c2f2cabf00bde87de47405b80ef83c1 – detected by 39 out of 43 antivirus scanners as Backdoor.Win32.Androm.fm. Once executed, the sample opens a backdoor on the infected host, allowing cybercriminals to gain complete control over it.
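For mail administrators who want to check stored or quarantined messages against the archive hash above, the following is an added example (not code from the original post or from Webroot). It walks a raw message, decodes each attachment and compares its MD5 to the published value; the helper names, sample addresses and attachment file name are constructed for illustration.

```python
import hashlib
from email import message_from_bytes, policy
from email.message import EmailMessage

# MD5 of the malicious archive, as published in the post.
KNOWN_BAD_MD5 = frozenset({"9c2f2cabf00bde87de47405b80ef83c1"})


def scan_message(raw: bytes, bad_md5=KNOWN_BAD_MD5):
    """Return (filename, md5, is_match) for every attachment in a raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    results = []
    # walk() also descends into nested multiparts and forwarded messages.
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name is None and part.get_content_disposition() != "attachment":
            continue  # ordinary body part, not an attachment
        # decode=True undoes base64/quoted-printable, so the digest covers the
        # file bytes themselves rather than the encoded MIME text.
        data = part.get_payload(decode=True) or b""
        digest = hashlib.md5(data).hexdigest()
        # An exact-hash match misses a repacked or renamed archive, so a
        # "no match" result says nothing about other variants.
        results.append((name or "<unnamed>", digest, digest in bad_md5))
    return results


def build_sample(payload: bytes, filename: str) -> bytes:
    """Constructed test message; addresses and file name are placeholders."""
    msg = EmailMessage()
    msg["From"] = "service@example.test"
    msg["To"] = "user@example.test"
    msg["Subject"] = "Notification of payment received"
    msg.set_content("You received a payment. See the attached file.")
    msg.add_attachment(payload, maintype="application", subtype="zip",
                       filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    sample = build_sample(b"constructed placeholder bytes, not malware",
                          "Notification.zip")
    for name, digest, hit in scan_message(sample):
        print(f"{name}  md5={digest}  {'MATCH' if hit else 'no match'}")
```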

Go through related analyses of spamvertised malicious campaigns impersonating PayPal:

Webroot SecureAnywhere users are proactively protected from these threats.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.


5 Responses to PayPal ‘Notification of payment received’ themed emails serve malware

  1. Why can't these people who are so smart with these computers put it to good use? Guess they never read the 10 commandments, thou shall not steal. Let God judge them, I can't, but I wish they could change their way. scotty

    • Malware is close to a billion dollar a year industry, they can make more money with a successful malware campaign in 1 week than they can make in a year, that's the motivation for them.

      Some groups do it to point out the flaws in companies' security policies, which is helpful to the company to prevent future attacks. But if the company spent the right amount of money in the first place to set up a good security environment they would never be in the news.
