Statement of Fees – Virus

This week's most popular virus email variant attempts to use vagueness to its advantage.

Rather than trying to convince you that the email is an official message from eBay, Visa, PayPal, Chase or some other well-known business, these messages are intentionally non-specific.

Subject lines refer only to some sort of “statement” like:

Subject:      Statement of Fees
Subject:      Statement of fees 2010

The senders are all spoofed and completely randomized, with pretty addresses that don’t offer many clues as to the nature of the email:

From:      Theodore Mitchell
From:      Karl Davison
From:      Loyd Mcintyre

In reality, these emails come from already infected personal computers belonging to zombie spambot networks spanning the globe:

  • North-Dynamic-099.184.162.122.airtelbroadband.in
  • triband-del-59.178.182.217.bol.net.in
  • sava-gi-0-3-8.rekom.ru ([84.17.241.42])
  • mm-227-20-120-178.dynamic.pppoe.mgts.by
  • 93-178-249-103.static.vega-ua.net

The email body simply refers the recipient to the attachment:

Please find attached a statement of fees as requested, this will be posted today.

The accommodation is dealt with by another section and I have passed your request on to them today.

Kind regards.

And this is the whole purpose of the email: to get the recipient to infect their computer (thus becoming a zombie and joining the bot-net) by being so vague as to who is sending the statement and why, that the recipients will be forced to run the malware attachment out of overwhelming curiosity.

The attachments themselves are typically named in one of these common variations:

  • Fees_2010.doc.zip
  • Fees_2010.doc.exe
  • Statement of fees 2010.htm
  • statement of fees.zip

Keep in mind that, because of the ongoing randomization, the Subject and attachment naming conventions may continue to mutate slightly.
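Because the names mutate, a filter is better keyed on the pattern than on exact strings. The following is an added example, not part of the original post or of any OnlyMyEmail product: a small triage routine that flags the subject lure and the double-extension and lure-named attachments listed above. The extension sets, reason labels and verdict names are assumptions chosen for illustration.

```python
import re
from email.message import EmailMessage

# Heuristics assumed for this example, derived from the samples in the post.
SUBJECT_RE = re.compile(r"statement\s+of\s+fees", re.IGNORECASE)
DECOY_EXTS = {"doc", "docx", "pdf", "xls", "txt"}   # what the name pretends to be
EXEC_EXTS = {"exe", "scr", "pif", "com", "bat"}     # runs when opened
CONTAINER_EXTS = {"zip", "htm", "html"}             # can carry or fetch a payload


def attachment_reasons(filename):
    """Return the reasons an attachment name matches this campaign's pattern."""
    parts = filename.strip().lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    reasons = []
    if ext in EXEC_EXTS:
        reasons.append("executable")
    if len(parts) > 2 and parts[-2] in DECOY_EXTS and ext in EXEC_EXTS | CONTAINER_EXTS:
        reasons.append("double-extension")
    if ext in CONTAINER_EXTS and re.search(r"fees|statement", parts[0]):
        reasons.append("lure-name")
    return reasons


def triage(msg):
    """Return (verdict, reasons) for a parsed EmailMessage."""
    reasons = []
    if SUBJECT_RE.search(msg.get("Subject", "")):
        reasons.append("subject-lure")
    for part in msg.iter_attachments():
        reasons += attachment_reasons(part.get_filename() or "")
    if "executable" in reasons or "double-extension" in reasons:
        return "block", reasons
    if "subject-lure" in reasons and "lure-name" in reasons:
        return "block", reasons
    return ("review" if reasons else "pass"), reasons


def sample(subject, filename=None):
    """Build a constructed test message; the attachment is placeholder bytes."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content("Please find attached a statement of fees as requested.")
    if filename:
        msg.add_attachment(b"constructed placeholder", maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg
```

For example, `triage(sample("Statement of Fees", "Fees_2010.doc.exe"))` returns a `block` verdict, while an unrelated `photos.zip` under a different subject passes.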

- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.
