Commtouch labs have detected large volumes of emails with malicious HTML attachments. The emails purport to come from a range of legitimate sites including:
Bell Canada
Craigslist
NewEgg
So let’s say you read our previous blog about the rise of the malicious HTML attachments. You open the attached HTML file in a text reader to find the malicious links [...]
Last week we saw an interesting series of emails which seemed to indicate a mid-outbreak change of tactic. The initial series of emails all had banking- and account-related themes. The emails indicated that it was necessary to open an attached document file. The attachments were actually zipped executable Trojan downloaders.
A VirusTotal (www.virustotal.com) scan showed [...]
Well-crafted emails mimicking Amazon order confirmations have been detected in large quantities in the past week. The Amazon logo and “your account” button actually take image files from the Amazon website. The email includes twelve links designed to motivate recipients to click:
More information about an Amazon Visa card
The ordered items are not shown and are [...]
In the last few weeks we have detected increasing usage of HTML attachments in a variety of message types – all of them attempting to install malware. These sorts of attachments are generally not blocked by message scanning systems. In addition they may arouse less suspicion in users than zipped attachments.
In the examples below, the [...]
Commtouch labs have received scores of emails targeting Twitter users. The emails have been neatly constructed to include the email address within the email – making them look more genuine.
Recipients are asked to open an attached HTML file to view their new password. The website that loads contains a browser exploit. Not very friendly…
Being the number one name on the Web and also offering so many useful services naturally attracts misuse by the shadier side of the Internet. We’ve written in the past about the abuse of Google Docs and Spreadsheets. And in our Q1 trend report we discussed the high percentage of spam emails with forged sender [...]
No, not really – but a recent outbreak seems to use no technique at all to get recipients to click on a link to a malware-hosting site. The emails (samples below) have no subject (other than RE: or FW:), no text telling you why you should click on the link, no hidden URLs behind on-screen [...]
Commtouch Security Alliance partners Sunbelt Software, RSA, the Security Division of EMC, and Commtouch held an informative webcast this past Thursday discussing the latest in web security threats. The webcast, entitled “Stormy Web Ahead: A Forecast of Web Security Threats in 2010,” provided essential information needed to understand the web security threats that organizations and [...]
From late May through June, Commtouch Labs noted a sharp rise in the number of new viruses being circulated via email that were not caught by the major anti-virus engines. A new Malware Report released by the company details several outbreaks whose wide distribution caused malware numbers to temporarily and exponentially increase from the rather [...]
What is a Milter?
Sendmail and Postfix are the most popular open-source mail transfer agents (MTAs); Sendmail has both free and commercial editions.
Due to the emergence of threats and unwanted content such as viruses and spam, a need arose to filter those messages closer to the perimeter, before they reach the end-user mailbox; however, since both [...]