TrendLabs received sample spammed messages claiming to be lawsuit notices. The messages informed recipients of a copyright infringement lawsuit that has been filed against them. The email supposedly came from legitimate law firms such as Marcus Law Center and Crosby & Higgins and even included a copy of the said “lawsuit.”
The first sample contains an embedded link to a copy of the “lawsuit” while the second has a .DOC file attachment that contains details of the said “lawsuit.” Clicking the link and opening the file attachment, however, led to the download of malicious files detected by Trend Micro as TROJ_DLOADR.AUI and TROJ_AGENT.STM, respectively, instead of more details on the supposed lawsuit.
Trend Micro™ Smart Protection Network™ protects product users from this attack by preventing the spammed messages from even reaching users’ inboxes via the email reputation service and by blocking access to malicious sites and domains that host malware-ridden files via the Web reputation service.
Non-Trend Micro product users can also stay protected from similar attacks by using eMail ID, a free tool that uses a two-step verification process to help users quickly find legitimate messages in their inboxes.