Posts Categorized: spam


Spamvertised bogus online casino themed emails serving W32/Casonline

by

Cybercriminals are currently spamvertising hundreds of thousands of emails enticing end and corporate users into clicking on links leading to bogus online casinos requiring the installation of an executable file. This is the second bogus casino themed campaign I’ve intercepted in recent months, and the third time when I profile the distribution and infection vectors of W32/Casonline. More details:

Continue Reading »

Spamvertised ‘DHL Express Parcel Tracking Notification’ emails serving malware

by

Remember the “Spamvertised ‘DHL Package delivery report’ emails serving malware” campaign profiled earlier this month? It seems that another cybercrime gang has started impersonating DHL in an attempt to serve malware to the millions of spamvertised end and corporate users. More details:

Continue Reading »

Spamvertised ‘Confirm PayPal account” notifications lead to phishing sites

by

PayPay users, beware! Phishers have just started spamvertising hundreds of thousands of legitimately-looking PayPal themed emails, in an attempt to trick users into entering their accounting data on the fraudulent web site linked in the emails. More details:

Continue Reading »

Spamvertised ‘Your UPS delivery tracking’ emails serving client-side exploits and malware

by

Cybercriminals are currently spamvertising millions of emails impersonating United Parcel Service (UPS) in an attempt to trick end and corporate users into clicking on exploits and malware serving links found in the malicious emails. What exploits are they using? How widespread is the campaign? Is it an isolated incident, or is the campaign linked to more malicious activity? More details:

Continue Reading »

Spamvertised ‘Your Paypal Ebay.com payment’ emails serving client-side exploits and malware

by

Remember the ‘Your Amazon.com order confirmation’ client-side exploits and malware serving campaign which I profiled earlier this week? It appears that the gang behind it is back with another campaign, this time impersonating PayPal. For the time being, another round consisting of millions of malicious emails is circulating in the wild, enticing end and corporate users into clicking on malicious links found in the emails. More details:

Continue Reading »

Spamvertised ‘Your Amazon.com order confirmation’ emails serving client-side exploits and malware

by

Everyone uses Amazon! At least that’s what the cybercriminals are hoping.  Cybercriminals are currently spamvertising millions of emails impersonating Amazon.com Inc. in an attempt to trick end and corporate users into clicking on the malicious links found in the emails. More details:

Continue Reading »

Spamvertised ‘DHL Package delivery report’ emails serving malware

by

Cybercriminals are currently spamvertising millions of emails impersonating DHL in an attempt trick end and corporate users into downloading and executing the malicious .zip file attached to the emails. More details:

Continue Reading »

Spamvertised ‘UPS Delivery Notification’ emails serving client-side exploits and malware

by

Think you received a package? Think again. Cybercriminals are currently spamvertising millions of emails impersonating UPS (United Parcel Service) in an attempt to trick users into downloading the viewing the malicious .html attachment. More details:

Continue Reading »

Skype propagating Trojan targets Syrian activists

by

The Electronic Frontier Foundation (EFF) is reporting on a recently intercepted malicious documents distributed over Skype, apparently targeting Syrian activists. Upon viewing the document, it drops additional files on the infected hosts, and opens a backdoor allowing the cyber spies behind the campaign access to the infected PC.  Webroot has obtained a copy of the malware and analyzed its malicious payload. More details:

Continue Reading »

‘Windstream bill’ themed emails serving client-side exploits and malware

by

Cybercriminals are currently spamvertising millions of emails impersonating the Windstream Corporation, in an attempt to trick end and corporate users into clicking on links found in the malicious email. Upon clicking on the links hosted on compromised web sites, users are exposed to client-side exploits served by the BlackHole web malware exploitation kit. More details:

Continue Reading »