Ransomware Arrives via Fake eBay Invoice Email

 Analysis by: John Kevin Adriano

We recently have observed a spam campaign being delivered to users in the form of a purchase invoice that claims to be from the e-commerce company, eBay. Recipients of this fake invoice will see details on the total purchase and a download link to the said invoice for payment. The embedded link, if clicked, leads to different compromised websites that distribute ransomware. Moreover, the email even sports eBay's similar design to feign legitimacy. Unwitting users may find the spam's forged details hard to detect and eventually click on the malicious link.

Trend Micro users are protected from this kind of spam campaign and other similar threats that leverage malicious links and attachments. Effective spam filtering and proactive gateway solutions prevent emails such as this fake invoice from landing in the users' inboxes.
 SPAM BLOCKING DATE / TIME: September 07, 2017 GMT-8
 TMASE INFO
  • ENGINE:
  • PATTERN:3310