Malware-Bundled Spam Run Keeps Your Boss in Carbon-Copy

Bogdan BOTEZATU

May 25, 2012

When it comes to spam, cyber-crooks have always found new and creative ways to dupe the unwary. From fake Facebook password resets and curriculum vitae suggestions to naked pictures with one’s teenage girl, one might think they’ve seen it all.

Today’s spam run comes disguised as a notification about an undeliverable parcel sent through DHL. Visually, the message has everything to really make the user believe they missed the courier package: the logo, the spoofed sender’s e-mail address and even a tracking number.

The attachment carries an executable file called dhltracking.exe and not the expected document. If opened, the attachment infects the user’s computer with a bot which is poorly detected by antivirus vendors and could allow an attacker to take control of the PC.

The missed-parcel scam has become notorious over the past two years. What is important in this specific wave is that the attackers took enough time to target corporate users and maximize damage by cc’ing the same message to an executive in the company. This “documentation” procedure is probably automated (scripts crawling the company website for key people). The attackers then repeat the process using a different tracking code and the name of the former boss.

So, the question is: “Why is this spam run more important than others?” It’s because the advanced use of social engineering allows the attacker to catch two rabbits with one e-mail. Two people get spammed at once without raising suspicion, since CC-ing the line manager is common practice in most businesses. Chances are the respective manager will open the message to see what the parcel notification is about. Last and most importantly, by infecting executives, the attacker may end up with some trade secrets or intellectual property at hand.

Except, of course, when spammers try to attack executives who literally set the cornerstone of the antivirus industry.
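
A mail-gateway triage check for the two traits described above (an executable attachment where a document is expected, and an outside sender copying an executive), added here as an example that is not part of the original article. The executive list, domain names, extension list and sample message are constructed assumptions.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import getaddresses

# Assumption: extensions the gateway treats as directly executable on Windows.
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")

def triage(raw, executives, internal_domain):
    """Inspect one raw RFC 5322 message and report the traits of this spam run."""
    msg = message_from_bytes(raw, policy=policy.default)

    # Trait 1: the attachment is a program, not the expected document.
    # endswith() also catches double extensions such as "form.pdf.exe".
    attachments = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(EXECUTABLE_EXTS):
            attachments.append(name)

    # Trait 2: a sender outside the organisation copies an executive.
    senders = getaddresses([str(msg.get("From", ""))])
    sender = senders[0][1].lower() if senders else ""
    external = not sender.endswith("@" + internal_domain.lower())
    cc = {a.lower() for _, a in getaddresses([str(h) for h in msg.get_all("Cc", [])])}
    executives_cc = sorted(cc & {e.lower() for e in executives})

    return {
        "attachments": attachments,
        "executives_cc": executives_cc,
        "quarantine": bool(attachments),  # an executable attachment alone is enough
        "escalate": bool(attachments) and external and bool(executives_cc),
    }

def constructed_sample(filename="dhltracking.exe"):
    """Constructed test message modelled on the lure described in the article."""
    m = EmailMessage()
    m["From"] = "DHL Express <tracking@courier.example>"
    m["To"] = "employee@corp.example"
    m["Cc"] = "Chief Exec <ceo@corp.example>"
    m["Subject"] = "Parcel could not be delivered"
    m.set_content("Your parcel could not be delivered. See the attached form.")
    m.add_attachment(b"MZ", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(constructed_sample(), {"ceo@corp.example"}, "corp.example"))
```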
