Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    Spammers are clearly putting the holidays to good use, as they have made Christmas just another reason to spread malware.

    Trend Micro threat analysts recently received a spammed message purporting to come from, a legitimate site that users can access to send e-cards to family and friends. The email message even sported the site’s logo (see Figure 1).

    Click for larger view Click for larger view
    Click for larger view Click for larger view

    However, upon further investigation of the spammed message’s header, we noticed that the sender’s IP address (see Figure 3) did not match that of the legitimate site (see Figure 2).

    Click for larger view

    The spammed message urges the user to download and open the .ZIP file attachment (see Figure 4), which is actually an .EXE file detected by Trend Micro as WORM_PROLACO.Z (see Figure 5), in order to view the greeting card.

    In addition, according to, the e-cards sent from the site are stored on servers and so should not be attached to emails. In other words, to view e-cards sent from the site, users do not need to download anything.

    To keep your system malware-free this festive season, do not open unsolicited email messages. Be smart, use an effective security suite.

    Smart Protection Network protects Trend Micro product users by blocking the spammed messages and related malicious files (WORM_PROLACO.Z).

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice