14 DAY TRIAL // Emails entitled “Subscription Details,” apparently coming from a company called WTX Media INC, are used by cybercriminals to distribute malware.
The notifications in question, identified by Conrad Longmore of Dynamoo’s Blog, read something like this:
“We hereby inform you that your subscription has been activated, your login information is as follows:
Username: IX9322130 Password: X#(@kIE04N Login Key: 839384
Please do not share the login information with anyone as this account is only for your use, sharing the account will result in account termination without a refund.
The credit card on file submited by you will be billed within 24 hours, in the amount of 499.00 GBP, amount equal to one year unlimited subscription.
Your bank statement will show up as being billed by ‘WTX Media INC’.”
Those who fall for it and click on the link are taken to a malware serving site, dajizzum.com.
“dajizzum.com is hosted on 109.123.100.219 (UK2.NET, UK) which appears to be a hijacked server. At the moment I can only see that one site hosted on this box, but blacklisting the IP as a precaution may be wise,” Longmore advises.