Bogus eFax Corporate Emails from Craigslist Carry Malware

Users are advised to beware of suspicious-looking emails

By Eduard Kovacs on January 25th, 2013 20:31 GMT

Cybercriminals are using a combination of social engineering tactics to trick users into opening malware-spreading emails. Avira experts have come across emails that appear to come from Craigslist, but sent via eFax Corporate.

The messages, which have nothing to do with either Craigslist or eFax, inform recipients that they’ve received a 24-page fax.

However, researchers have discovered that the attachment is not a fax, but an HTML file which contains a malicious JavaScript code. When executed, the script downloads malware onto the victim’s computer.

The malicious elements are detected by Avira products as HTML/Redir.EB.8 and JS/Column.EB.18.

Bogus eFax emails have been making the rounds for quite some time now, but it appears the spam campaign is still going strong.

That’s why it’s important for users, especially those from corporate environments, to be highly cautious before opening such emails.
Bogus eFax email
   Bogus eFax email
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments