• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Spam   »   .RTF File Conceals Spam

.RTF File Conceals Spam

  • Posted on:May 4, 2010 at 3:00 am
  • Posted in:Spam
  • Author:
    Aljerro Gabon (Anti-spam Research Engineer)
2

A few days ago, TrendLabsSM engineers received spam containing salad words (see Figure 1) along with a .ZIP file attachment (see Figure 2). This mixture of random words can be seen in the subject header and in the spam body. This was purposely done by spammers to bypass anti-spam filters that users may already be using. The .ZIP file attachment contains an .RTF file.

Click for larger view Click for larger view

Though the .RTF file is not malicious, its contents comprise the actual spam as shown in Figure 3. The .RTF document also displays a link as well as the names of different adult medicine brands (e.g., Viagra, Cialis, Levitra, and others). Clicking the link redirects users to the Canadian pharmacy site shown in Figure 4.

Click for larger view Click for larger view

To protect yourself against similar attacks, always pay attention to every detail in email messages you receive. As this example demonstrates, it is sometimes quite easy to distinguish what is real from what is not. All you need to do is to carefully observe.

Trend Micro™ Smart Protection Network™ already protects product users from this particular threat by preventing the spam from even reaching their inboxes via the email reputation service and by blocking access to the phishing site via the Web reputation service. Non-Trend Micro product users can also stay protected by using free tools like eMail ID, a browser plug-in that helps identify legitimate email messages in inboxes.

Learn how to protect Enterprises, Small Businesses, and Home Users from ransomware:
ENTERPRISE »
SMALL BUSINESS»
HOME»

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Recent Posts

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits
  • August Patch Tuesday Fixes Critical IE, Important Windows Vulnerabilities Exploited in the Wild
  • Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.