Posts Tagged: Spamvertised


Fake ‘Apple Store Gift Card’ themed emails serve client-side exploits and malware

by

Apple Store users, beware! A currently ongoing malicious spam campaign is attempting to trick users into thinking that they’ve successfully received a legitimate ‘Gift Card’ worth $200. What’s particularly interesting about this campaign is that the cybercriminal(s) behind it are mixing the infection vectors by relying on both a malicious attachment and a link to the same malware found in the malicious emails. Users can become infected by either executing the attachment or by clicking on the client-side exploits serving link found in the emails. More details:

Continue Reading »

Cybercriminals spamvertise fake ‘O2 U.K MMS’ themed emails, serve malware

by

British users, watch what you execute on your PCs! An ongoing malicious spam campaign is impersonating U.K’s O2 mobile carrier, in an attempt to trick its customers into executing a fake ‘MMS message” attachment found in the emails. Once socially engineered users do so, their PCs automatically join the botnet operated by the cybercriminal/gang of cybercriminals whose activities we continue to monitor. More details:

Continue Reading »

Malicious Bank of America (BofA) ‘Statement of Expenses’ themed emails lead to client-side exploits and malware

by

Bank of America (BofA) customers, watch what you click on! A currently ongoing malicious spam campaigns is attempting to entice BofA customers into clicking on the client-side exploit serving URLs found in legitimate looking ‘Statement of Expenses’ themed emails. Once users with outdated third-party applications and browser plugins click on the link, an infection is installed that automatically converts their PC’s into zombies under the control of the botnet operated by the cybercriminal/gang of cybercriminals behind the campaign. More details:

Continue Reading »

Fake ‘iPhone Picture Snapshot Message’ themed emails lead to malware

by

We’ve just intercepted a currently circulating malicious spam campaign that’s attempting to trick iPhone owners into thinking that they’ve received a ‘picture snapshot message’. Once users execute the malicious attachment, their PCs automatically join the botnet operated by the cybercriminal/gang of cybercriminals, whose activities we’ve been closely monitoring over the last couple of months. More details:

Continue Reading »

Fake ‘Copy of Vodafone U.K Contract/Your Monthly Vodafone Bill is Ready/New MMS Received’ themed emails lead to malware

by

Cybercriminals continue targeting U.K based Internet users in an attempt to trick them into thinking that they’ve received a legitimate email from Vodafone U.K. We’ve intercepted two, currently circulating, malicious spam campaign that once again impersonate Vodafone U.K, this time relying on a bogus “Copy of Vodafone U.K” themed messages, the ubiquitous ‘MMS Message Received‘ campaign, as well as the most recent ‘Your Monthly Vondafone Bill is Ready‘ theme. More details:

Continue Reading »

Spamvertised ‘Vodafone U.K MMS ID/Fake Sage 50 Payroll’ themed emails lead to (identical) malware

by

We’ve intercepted two, currently circulating, malicious spam campaigns enticing users into executing the malicious attachments found in the fake emails. This time the campaigns are impersonating Vodafone U.K or pretending to be a legitimate email generated by Sage 50′s Payroll software. More details:

Continue Reading »

Tens of thousands of spamvertised emails lead to the Win32/PrimeCasino PUA (Potentially Unwanted Application)

by

By Dancho Danchev Looking for legitimate online gambling services? You may want to skip the rogue online casinos that I’ll highlight in this post. Over the past few days, we intercepted multiple spam campaigns launched by the same party, enticing users into downloading fake online casinos most commonly known as the Win32/PrimeCasino/Win32/Casonline PUA (Potentially Unwanted Application). More details:

Continue Reading »

Fake ‘iGO4 Private Car Insurance Policy Amendment Certificate’ themed emails lead to malware

by

In a clear demonstration of low QA (Quality Assurance) applied to an ongoing malicious spam campaign, the cybercriminals behind the recently profiled ‘Cybercriminals spamvertise tens of thousands of fake ‘Your Booking Reservation at Westminster Hotel’ themed emails, serve malware‘ campaign, have launched yet another spam campaign. Despite the newly introduced themed attempting to trick users into thinking that they’ve received a ‘iGO4 Private Car Insurance Policy Amendment Certificate‘, the cybercriminals behind it didn’t change the malicious binary from the previous campaign. More details:

Continue Reading »

Cybercriminals spamvertise tens of thousands of fake ‘Your Booking Reservation at Westminster Hotel’ themed emails, serve malware

by

By Dancho Danchev Cybercriminals are currently mass mailing tens of thousands of fake emails impersonating the Westminster Hotel, in an attempt to trick users into thinking that they’ve received a legitimate booking confirmation. In reality through, once the socially engineered users execute the malicious attachments, their PCs automatically join the botnet operated by the cybercriminals behind the campaign. More details:

Continue Reading »