Cisco and ThreatTrack Security have analyzed the campaign

Sep 13, 2013 16:11 GMT

Researchers from at least two IT security firms have spotted a new spam campaign that’s designed to distribute a piece of malware.

ThreatTrack Security has spotted emails titled “Order Acknowledgement” that read something like this: “We acknowledge & confirm your order for [email address], as follows: Find herewith the attached order invoice.”

The link in the email points to a hacked website that has been set up to serve an archive file. The archive contains an executable, which is the actual malware.

The sample identified by ThreatTrack points to the website of an Italian financial institution.

Cisco experts have also analyzed the campaign. The company first identified it on September 6. However, significant activity was also recorded on September 10 and September 12.

In addition to the malicious email sample found by ThreatTrack, Cisco came across two fake FedEx emails that purport to contain an order history page.