Benny Jones Jr. Lifestream

links, insights, photos, videos and more on business, technology and wellness 

Dangerous SPAM email circulating

A new dangerous SPAM / Phish / Social-Engineering email is circulating which lures a user into downloading and installing a malware package onto their computer.  Be Vigilant!

===================================================================================================================================================

Problem

New SPAM / Phish / Social-Engineering attack via email.  The message is crafted to appear as if it came from an internal IT source, and prompts the user to download a "patch" to be ready for an upcoming "server upgrade" to the mail system.  The download is actually a multi-faceted malware package which installs Trojans, a key logger, disables AV software, and performs other actions on the user's PC.  Text of the message is pasted below with certain information redacted for safety.

=====================================================================================================================================================
Attention!

On October 16, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour.
The changes will concern security, reliability and performance of mail service and the system as a whole. For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure.
This procedure is quite simple. All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That's all.

http://evil-link/evil-file

Thank you in advance for your attention to this matter and sorry for possible inconveniences.

System Administrator

=======================================================================================================================================================
Environment

Source: Email
Affects Windows Systems
=======================================================================================================================================================

Resolution

1.    Do not download the file or click on links in email messages
2.    Contact IT Support if you have questions
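
For mail administrators, the traits of this lure (upgrade pretext, "save and run" instruction, generic signer, off-domain link) can be scored in a triage script. The following is an added example, not part of the original post or the SANS diary; the weights, threshold, ORG_DOMAINS value and sample message are assumptions.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Traits of the lure quoted in this post. Weights, threshold and ORG_DOMAINS
# are assumptions for illustration, not tuned or site-specific values.
ORG_DOMAINS = ("example.com",)
THRESHOLD = 3
PATTERNS = {
    "upgrade_pretext": (1, re.compile(r"server\s+upgrade|certificates?\s+update", re.I)),
    "save_and_run": (2, re.compile(
        r"\b(save|download)\b.{0,60}\b(patch|file)\b.{0,60}\brun\b", re.I | re.S)),
    "generic_signer": (1, re.compile(r"^\s*system administrator\s*$", re.I | re.M)),
}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)


def score_message(raw):
    """Return (score, reasons) for a raw RFC 5322 message given as a string."""
    msg = message_from_string(raw)
    body = "\n".join(
        part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
        for part in msg.walk() if part.get_content_type() == "text/plain")
    reasons = [name for name, (_, rx) in PATTERNS.items() if rx.search(body)]
    score = sum(PATTERNS[name][0] for name in reasons)
    hosts = {(urlsplit(u).hostname or "").lower() for u in URL_RE.findall(body)}
    # A "patch" for an internal system that is hosted off-domain is a red flag.
    if [h for h in hosts if not any(h == d or h.endswith("." + d) for d in ORG_DOMAINS)]:
        reasons.append("external_link")
        score += 1
    return score, reasons


# Constructed sample: paraphrases the message quoted above and reuses its
# redacted link placeholder.
LURE = """From: System Administrator <admin@example.com>
Subject: Attention!

On October 16, 2009 server upgrade will take place.
Click the link provided, save the patch file and then run it from your computer.

http://evil-link/evil-file

System Administrator
"""

if __name__ == "__main__":
    score, reasons = score_message(LURE)
    print(score, reasons, "FLAG" if score >= THRESHOLD else "ok")
```

A score at or above THRESHOLD marks the message for review; it does not replace the user guidance above.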

=======================================================================================================================================================

Additional Information / References

SANS Internet Storm Center Diary Entry:  http://isc.sans.org/diary.html?storyid=7333
