Threat Encyclopedia

Fraudulent German Invoice Notification Contains Malware

Publish date: February 07, 2013


Neil Yves Pondo

The use of bogus invoices remains an effective social engineering tactic as seen in the continuous usage of such technique. Recently, we spotted a spammed message written in German language that purports as a notification. It informs users that their invoice is contained in the attached .ZIP file. When users opened the attachment, it executes a malware detected as TSPY_BEBLOH.MJM. This spyware steals information such as IP address, OS version, hardware ID, and socks port among others. It also monitors websites related to financial institutions and steals FTP credentials on the infected system. 

Trend Micro protects users from this threat via its Smart Protection Network that detects the spam and malicious file.

SPAM BLOCKING DATE / TIME: 07 Feb 2013 09:12:00 AM GMT-8

  • ENGINE:7.0
  • PATTERN:9620

Featured Stories

Connect with us on