Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
  • About Us

    Spammers are clearly putting the holidays to good use, as they have made Christmas just another reason to spread malware.

    Trend Micro threat analysts recently received a spammed message purporting to come from 123greetings.com, a legitimate site that users can access to send e-cards to family and friends. The email message even sported the site’s logo (see Figure 1).

    Click for larger view Click for larger view
    Click for larger view Click for larger view

    However, upon further investigation of the spammed message’s header, we noticed that the sender’s IP address (see Figure 3) did not match that of the legitimate 123greetings.com site (see Figure 2).

    Click for larger view

    The spammed message urges the user to download and open the .ZIP file attachment (see Figure 4), which is actually an .EXE file detected by Trend Micro as WORM_PROLACO.Z (see Figure 5), in order to view the greeting card.

    In addition, according to 123greetings.com, the e-cards sent from the site are stored on 123greetings.com servers and so should not be attached to emails. In other words, to view e-cards sent from the site, users do not need to download anything.

    To keep your system malware-free this festive season, do not open unsolicited email messages. Be smart, use an effective security suite.

    Smart Protection Network protects Trend Micro product users by blocking the spammed messages and related malicious files (WORM_PROLACO.Z).





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice