Kaspersky experts have spotted a pattern in the distribution of malicious PDF files

Mar 15, 2013 09:10 GMT

An interesting spam campaign, mainly targeted at users in Germany, has been spotted by security experts from Kaspersky Lab. Cybercriminals have been sending out fake reminders on the 4th or 21st of almost every month.

The attacks start with a notification email that carries an attachment named “Mahnung [recipient name].pdf” (“Mahnung” can be translated as “overdue notice” or “reminder”).

These PDF files contain an exploit, detected by Kaspersky as Exploit.JS.CVE-2010-0188.e, which is not easy to identify because it’s hidden under two layers of JavaScript.

When executed, the exploit downloads a Trojan, Trojan.Win32.Yakes.cngh.

Experts have noticed that similar spam campaigns were initiated on the 4th and 21st of several past months. For instance, such malicious PDF files were observed on November 21, and later on January 4 and February 21.

Based on this pattern, Kaspersky warns users to be on the lookout for such emails on March 21 or April 4. However, now that the security firm has published the report, the cybercriminals might change their tactics, so be cautious on other days as well.
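For mail administrators, the two traits described above (the "Mahnung [recipient name].pdf" attachment name and JavaScript inside the PDF) can be checked at the gateway. The following is an added example, not code from Kaspersky or from the original article; the function names, verdict labels and sample message are assumptions made for illustration.

```python
import re
from email.message import EmailMessage

# Attachment name reported for this campaign: "Mahnung <recipient name>.pdf"
LURE_NAME = re.compile(r"^Mahnung\s+.+\.pdf$", re.IGNORECASE)
# PDF names that mark embedded script or an action run when the file opens
ACTIVE_NAMES = {"JS", "JavaScript", "OpenAction"}

def decode_pdf_name(raw: bytes) -> str:
    """Undo #xx hex escapes, which PDF permits inside names (/J#53 is /JS)."""
    plain = re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), raw)
    return plain.decode("latin-1")

def active_content(pdf: bytes) -> list:
    """Script-related names visible in the raw bytes. Names inside compressed
    object streams are not seen; treat an empty result as unknown, not clean."""
    names = {decode_pdf_name(n) for n in re.findall(rb"/([^\s/<>\[\]()%{}]+)", pdf)}
    return sorted(names & ACTIVE_NAMES)

def triage(msg: EmailMessage) -> list:
    """Return (filename, verdict, active names) for every PDF attachment."""
    results = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        if b"%PDF-" not in data[:1024]:
            continue  # not a PDF, whatever the extension says
        lure, active = bool(LURE_NAME.match(name)), active_content(data)
        verdict = "quarantine" if lure and active else "review" if lure or active else "pass"
        results.append((name, verdict, active))
    return results

def sample_message(filename: str, pdf: bytes) -> EmailMessage:
    """Constructed test message; addresses and text are made up."""
    msg = EmailMessage()
    msg["To"], msg["Subject"] = "max.mustermann@example.com", "Mahnung"
    msg.set_content("Siehe Anhang.")
    msg.add_attachment(pdf, maintype="application", subtype="pdf", filename=filename)
    return msg

# Constructed, harmless PDF fragments (not samples from the campaign)
SCRIPTED_PDF = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\nendobj\n"
                b"2 0 obj\n<< /S /J#61vaScript /JS (app.alert\\(1\\)) >>\nendobj\n%%EOF\n")
PLAIN_PDF = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"

if __name__ == "__main__":
    print(triage(sample_message("Mahnung Max Mustermann.pdf", SCRIPTED_PDF)))
    print(triage(sample_message("Rechnung.pdf", PLAIN_PDF)))
```

Because the check keys on file name and content rather than the calendar, it keeps working if the senders move away from the 4th and 21st.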