TrendLabsSM security researchers recently noted an increase in the volume of spammed messages posing as newsletters from Amazon. These email messages even sported a supposed Amazon email address, {BLOCKED}ers@amazon.com, to make them look more credible. The messages even featured various product endorsements to fool recipients into thinking they were legitimate. Clicking the images and embedded…
Read MoreBeware, Twitter enthusiasts! Spam posing as Twitter email notifications are currently proliferating in the wild. The spam are of two types—the first type attempts to steal personal information or login credentials while the second attempts to infect systems with malware. A legitimate Twitter notification email looks like this: It usually begins with “Hi, *name of…
Read More.PDF files—or their inherent features—have been used by cybercriminals in some of the most noteworthy attacks we have encountered. Modified versions of this file type have been especially notorious these past few months since they are capable of attacking user systems by initially exploiting inherent vulnerabilities found in Adobe Reader and Acrobat. TrendLabsSM has documented…
Read MoreZeuS/ZBOT is best known for its information-stealing routines via the use of configuration files downloaded from their home sites. They are created using toolkits that allow remote control of the malware. Getting them to infect target systems is the tricky part. Cybercriminals have thus tried utilizing drive-by downloads, spammed messages, worm propagation, and many more…
Read MoreTrendLabsSM received reports of a suspicious email claiming to be an IT notification. It informs users that their mailbox settings have been changed. This email has a .PDF attachment that supposedly contains instructions that the users need to read before updating their settings. This attack is similar to many we have seen previously purporting to…
Read More