Where to Buy Trend Micro Products

For Home

For Small Business

1-888-762-8736
(M-F 8:00am-5:00pm CST)

For Enterprise

1-877-218-7353
(M-F 8:00am-5:00pm CST)

Not in the United States?
Select the country/language of your choice:

Asia Pacific Region

Europe

The Americas

Not in the United States?
Select the country/language of your choice:

Asia/Pacific

Europe

America

Login

For Home

For Business

For Partners

Threat Encyclopedia

Fake Invoice Notification Malspam Uses Dropbox Link To Spread Malware

ANALYSIS BY

Mark Christian Aquino


The team received a mail sample recently, with the body of the mail written in Portuguese. Upon analysis, we discovered that the mail's FROM headers does not contain the same email domains and seems to be randomly generated. The mail's content talks about an issued invoice, and then goes on to ask the reader to click the link provided in the mail. The link, once clicked, would direct users to a legitimate dropbox link. The files that customer would download after clicking the link are far from legitimate, instead being malware which is detected by Trend Micro as TROJ_BANLOAD.IMO.

Users are asked to take extra precaution accessing emails from email addresses they are not familiar with and avoid clicking suspicious URLs inside the mail.

The spam mail and the links it contains are already detected and blocked. Trend Micro™ Smart Protection Network™ protects users from this threat by blocking the spam mail samples, as well as any related malicious URLs and malware.

SPAM BLOCKING DATE / TIME: 27 Jun 2013 10:00:00 PM GMT-8
TMASE INFO

  • ENGINE:7.0
  • PATTERN:9980

Connect with us on