SPAM MAILS

Criminals threaten you with a lawsuit

Don't believe everything that lands in your inbox. This week's lure is the threat of a lawsuit.

The devil's hand
By Stina Christiansen 10/05-2010

Cybercriminals have been sending out numerous spam mails since early this morning. They arrive with dynamic content and with the malicious code embedded in a Microsoft Word document that has limited detection by antivirus programs. The lure is the threat of a lawsuit.

The unwanted e-mails arrive with the following content:

From: [Spoofed / forged sender address]

Subject line: (one of the following combinations)

Urgent Security Update
Important Security Patch
Important Security Update
Security Update
IT Security Advisory

Content:

To whom it may concern,

It has come to our attention that you have made an unauthorized use of my
copyrighted work in the preparation of a work derived therefrom. We have
reserved all rights in the Work, which was first published in 2008, and we have
registered the copyright. The copyrighted images which appear on your web site,
are essentially identical to the Work and clearly used the Work as its basis.

You neither asked for nor received permission to use the Work as the basis
for it nor to make or distribute copies of it. Therefore, we believe you have
willfully infringed our rights under 17 USC Section 101, et seq. and could
be liable for statutory damages as high as $100,000.

I demand that you immediately cease the use and distribution of all
infringing works derived from the Work, and all copies of it, and that you deliver
to us all unused, undistributed copies of it, or destroy such copies immediately, and that
you desist from this or any other infringement of my rights in the future. If
we have not received an affirmative response from you by 10/05/2010 indicating
that you have fully complied with these requirements, we will be taking the
full legal remedies available to rectify this situation.

Please view the attached file for a copy of the suit documents.

Attached:
clvlzc.doc

If the attached file is opened by a careless recipient, it turns out to contain an embedded PDF document (court_documents.pdf).

The embedded PDF document exploits various vulnerabilities in Adobe Reader/Acrobat and, if the document is opened and the system is vulnerable, will drop several files onto the machine. In the next phase the machine connects to a central C&C server in order to download further malware and to allow remote control of the system.

So do not open the attached file, and be sure to delete the mail.
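
The traits described above can be checked at the mail gateway. The following Python is an added example, not code from the article or from CSIS: it flags messages whose subject is one of the listed lines and whose .doc attachment is an OLE2 file containing a PDF header. The function names, the sample message and the byte-scan heuristic are assumptions, and the sample attachment is constructed inert filler.

```python
import email
from email import policy
from email.message import EmailMessage

# Subject lines quoted in the article (compared case-insensitively).
CAMPAIGN_SUBJECTS = {
    "urgent security update", "important security patch",
    "important security update", "security update", "it security advisory",
}
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # OLE2 compound file (legacy .doc)
PDF_MARKER = b"%PDF-"                           # first bytes of a PDF header


def triage(raw_message: bytes) -> dict:
    """Return the campaign traits found in one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    subject = (msg["Subject"] or "").strip().lower()
    findings = {"subject_match": subject in CAMPAIGN_SUBJECTS,
                "doc_attachments": [], "embedded_pdf": []}
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if not name.lower().endswith(".doc"):
            continue
        data = part.get_payload(decode=True) or b""
        findings["doc_attachments"].append(name)
        # Heuristic (assumption): a PDF header inside an OLE2 Word file
        # indicates an embedded PDF object like the one the article describes.
        if data.startswith(OLE_MAGIC) and PDF_MARKER in data[len(OLE_MAGIC):]:
            findings["embedded_pdf"].append(name)
    # The subject is only a supporting signal; the embedded PDF drives the verdict.
    findings["quarantine"] = bool(findings["embedded_pdf"])
    return findings


def build_sample(subject: str, attachment: bytes, filename: str = "clvlzc.doc") -> bytes:
    """Constructed test message; the attachment is inert filler, not malware."""
    msg = EmailMessage()
    msg["From"] = "sender@example.invalid"
    msg["To"] = "recipient@example.invalid"
    msg["Subject"] = subject
    msg.set_content("Please view the attached file for a copy of the suit documents.")
    msg.add_attachment(attachment, maintype="application",
                       subtype="msword", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    fake_doc = OLE_MAGIC + b"\x00" * 504 + b"%PDF-1.4 constructed filler"
    print(triage(build_sample("Urgent Security Update", fake_doc)))
```

The byte scan only finds a PDF that is stored uncompressed inside the document, so a miss does not clear the attachment.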

Source: CSIS Security Group
