Threat Encyclopedia

New Spam Technique: Spam Within Spam

Published date: April 01, 2014

ANALYSIS BY

Chloe Ordonia


Cybercriminals are now using a new technique to lure potential victims - they are now attaching spam emails inside spam emails while taking advantage of names of known banks, such as Lloyds Bank, National Westminster Bank (NatWest), and Wells Fargo. Wells Fargo has been used in a Blackhole Exploit kit (BHEK) spam run in the past.

The new samples acquired appear to be notifications from the said banks, all containing an attachment named SecureMessage.msg. Clicking the attached message file opens another email, but this time containing a .ZIP attachment. The email message instructs the recipient to download the attachment in order to read the 'secured' message. A .ZIP attachment named SecureMessage.exe can be found in the email.

SPAM BLOCKING DATE / TIME: 01 Apr 2014 10:00:00 PM GMT-8
TMASE INFO

  • ENGINE:7.5
  • PATTERN:0604

Featured Stories

Connect with us on