Fake Corporate Policy Emails Lure Users to Malware-Serving Sites

The malicious notifications are entitled “RE: Korbin – Copies of Policies”

By on February 15th, 2013 19:21 GMT

Cybercriminals are using bogus corporate policy emails to trick unsuspecting employees into clicking on links that lead to malicious websites.

According to Dynamoo’s Blog, the emails are entitled something like “RE: Korbin – Copies of Policies,” but the name is sometimes replaced with Kanisha or Keshia.

“Unfortunately, I cannot obtain electronic copies of the Ocean, Warehouse or EPLI policy. Here is the Package and Umbrella, and a copy of the most recent schedule,” the bogus emails read.

When users click on the links they contain, they’re taken to one of many malicious Russian websites hosted on servers located in France, Kazakhstan or Mongolia.

These particular emails have been making the rounds for a few months now, but it appears they’re still successful in spreading malware.

Another noteworthy thing is that the same cybercriminals are using other spam emails as well in an attempt to trick corporation employees. One example is the fake “Scan from a HP ScanJet” spam run.
Bogus policy emails
   Bogus policy emails
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments