Mon, 06/08/2009 - 14:17 — Igor Donchenko
Doctor Web virus analysts have discovered a large-scale mailing of spam messages with attached malicious programs.
Starting June 1 Doctor Web virus analysts have been registering a steadily increasing number of e-mails with attached malware.
In the night between May 31 and June 1 users could get messages informing them that they received an e-card from one of their family members. However, the attached ecard.exe was nothing more than a Trojan detected by Dr.Web anti-viruses as Trojan.DownLoad.37569.
In the night between June 1 and 2 Trojan.PWS.Panda.122 was sent to users as an e-card. This malicious program scans Internet traffic of the compromised system to obtain passwords used to access online banking or electronic payment systems.
Messages with attached Trojan.DownLoad.36339 appeared in the evening of June 2. This time spammers used a more creative approach and apart from a fake e-card users also received messages offering critical updates for MS Outlook and The Bat!
Almost identical phishing e-mails offering to download critical updates for mail clients from a specified web-site are supposedly sent by the same criminals. On the bogus web-site the victim is offered to enter his e-mail account information in order to reconfigure his e-mail client.
Doctor Web does not recommend users to open suspicious files attached to e-mails or use the contact data of the company mentioned in the e-mail to make sure the e-mail is genuine. Never provide your personal information in a web-form that has never been meant to collect it. For instance a developer of a mail client is unlikely to be interested in your e-mail account details which should only be specified when you configure your e-mail client.