Skip to content

Export page to PDF
New Spam Technique: Spam Within Spam
Spam Blocking Date/Time: 01 Apr 2014 10:00:00 PM GMT-8

Cybercriminals are now using a new technique to lure potential victims - they are now attaching spam emails inside spam emails while taking advantage of names of known banks, such as Lloyds Bank, National Westminster Bank (NatWest), and Wells Fargo. Wells Fargo has been used in a Blackhole Exploit kit (BHEK) spam run in the past.

The new samples acquired appear to be notifications from the said banks, all containing an attachment named SecureMessage.msg. Clicking the attached message file opens another email, but this time containing a .ZIP attachment. The email message instructs the recipient to download the attachment in order to read the 'secured' message. A .ZIP attachment named SecureMessage.exe can be found in the email.

Analysis By: Chloe Ordonia

Connect with us on