October 23, 2012 By Dancho Danchev

PayPal ‘Notification of payment received’ themed emails serve malware

Sticking to their proven tactic of systematically rotating the impersonated brands, cybercriminals are currently spamvertising millions of emails impersonating PayPal, in an attempt to trick its users into downloading and executing the malicious attachment found in the legitimate-looking email.

More details:

Screenshot of the spamvertised email:

Detection rate for the malicious archive: MD5: 9c2f2cabf00bde87de47405b80ef83c1 – detected by 39 out of 43 antivirus scanners as Backdoor.Win32.Androm.fm. Once executed, the sample opens a backdoor on the infected host, giving the cybercriminals complete control over it.
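For mail administrators who want to sweep stored messages for this archive, the following is an added example, not code from Webroot or from the original post. It hashes every attachment of a raw email, and every file inside ZIP attachments, and compares the results against the MD5 published above; the size cap, the function names and the benign sample message are assumptions constructed for the demonstration.

```python
import email
import hashlib
import io
import zipfile
from email import policy
from email.message import EmailMessage

# MD5 of the malicious archive, copied from the article above.
PAGE_IOC_MD5 = frozenset({"9c2f2cabf00bde87de47405b80ef83c1"})
MAX_MEMBER_BYTES = 50 * 1024 * 1024  # assumed cap: skip oversized archive members

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def scan_message(raw: bytes, bad_md5=PAGE_IOC_MD5):
    """Return [(name, md5, is_known_bad)] for every attachment and, for ZIP
    attachments, every member file inside the archive."""
    findings = []
    msg = email.message_from_bytes(raw, policy=policy.default)
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.get_filename() is None and part.get_content_disposition() != "attachment":
            continue  # message body, not an attachment
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        findings.append((name, md5_hex(data), md5_hex(data) in bad_md5))
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    if info.is_dir() or info.file_size > MAX_MEMBER_BYTES:
                        continue
                    inner = md5_hex(zf.read(info))
                    findings.append((f"{name}!{info.filename}", inner, inner in bad_md5))
        except (zipfile.BadZipFile, RuntimeError, NotImplementedError):
            # Encrypted or damaged archive: record it for manual review.
            findings.append((f"{name}!(unreadable archive)", "", False))
    return findings

def build_sample() -> bytes:
    """Constructed, benign message: a ZIP attachment holding one text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("PayPal_receipt.txt", "constructed benign sample\n")
    msg = EmailMessage()
    msg["Subject"] = "Notification of payment received"
    msg.set_content("See attached.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="payment.zip")
    return msg.as_bytes()
```

An exact hash match only catches this specific archive; a repacked or modified attachment will produce a different MD5, so treat a miss as inconclusive.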


Webroot SecureAnywhere users are proactively protected from these threats.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.
