In its spam report for the second quarter of 2013, Kaspersky revealed spotting a spam campaign designed to distribute malware with the aid of bogus email delivery failure notifications.
According to Kaspersky, the malicious email appears to be generated by the mailer daemon of the recipient’s email domain.
“Your message could not be delivered because the destination computer was not reachable within the allowed queue period. The amount of time a message is queued before it is returned depends on the local configuration parameters,” the notifications read.
Attached to the message is a malicious file named something like “instruction.exe” or “mail.scr.” These files hide a piece of malware detected by Kaspersky as Email-Worm.Win32.Mydoom.m.
For other spam campaigns that made the rounds in the second quarter of 2013 and for statistics check out Kaspersky’s report.