Malware Watch: U.S Chamber of Commerce official letter; DHL delivery error, IRS notifications
Summary: In this week's Malware Watch we'll profile three currently active and spreading malware campaigns.
In this week's Malware Watch we'll review three currently active and spreading malware campaigns.
In the first campaign, malicious attackers are attempting to trick end users into downloading and executing a malicious file attachment, while impersonating the U.S Chamber of Commerce.
According to AppRiver, the malicious attachments USChamber.zip are actually a copy of the ZeuS crimeware.
Spamvertised message:
Hello, on the advice of your partners, we are sending you this letter. In the attached file you will find the offer of cooperation and common development of adjacent areas of our business. Thank you for your attention.
The second campaign is impersonating DHL for malware-serving purposes.
Spamvertised message:
Dear Sir/Madam,Your package has been returned to the DHL office. The reason of the return is – Error in the delivery addressPlease refer to attached file for additional detailsAttached to the letter mailing label contains the details of the package delivery. You have to print mailing label, and come in the office in order to receive the packages.Thank you for attention.Your DHL
Detection rate for the malicious attachment.
The third campaign is impersonating the Internal Revenue Service for malware serving purposes.
Tax notice, There are arrears reckoned on your account over a period of 2010-2011 year. You will find all calculations according to your financial debt, enclosed. Sincerely, Internal Revenue Service
Detection rate for the malicious attachment.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Ah yes, the ever-popular forged sender id is alive and well
Lock-down how: PGP/GNuPG
Encouraged/Mandated by: Federal Law, if enacted.
Make part and parcel part of a email encryption privacy protection act.
ISPs would then act based on the presence or absense of a signed certificate on each email:
If absent, shunt to off-line
If present, forward to recipient.
RE: Malware Watch: U.S Chamber of Commerce official letter; DHL delivery error, IRS notifications
Seems like a lot of trouble to go through to be able to send grandma a pic of the kid. I'm personally not for more laws and regulations. You can try as you might, but you'll never be able to protect stupid people from themselves by enacting more laws to inconvenience the normal folk.
RE: Malware Watch: U.S Chamber of Commerce official letter; DHL delivery error, IRS notifications
Amazing! what will these guys try next? Thank god I have my PC protected with the <br><a href="http://www.bestantivirus2012.com> Best Antivirus </a> I found on that site but I was not that lucky last week when I opened an attachment and my PC got loaded up with malware that completely shut me down. No one understand what a total hassle it is to have your computer infected till it happens.