Secure Message not so Secure

Friday, December 14, 2012 @ 01:12 PM gHale


There is a new variant of the Changeup malware apparently originating from financial institutions that offers a note saying “You have received a secure message.”

In order to spread this malicious element, cybercriminals launched the note in a new spam campaign, said researchers at Symantec.

RELATED STORIES
Botnet Back and Thriving
Botnet Hides on Tor Network
New Attacks from ‘Gameover’ Gang
Nitol Botnet Shares China Code

There are several variants of these emails making the rounds, said researchers at security firm Hoax Slayer. Some of them claim to come from Bank of America or Australia’s Commonwealth Bank, while others also come from Cisco.

In order to avoid falling victims to such attacks, users should refrain from opening attachments or clicking on links that arrive via suspicious emails. They’re also advised to ensure that an antivirus solution is running in the background to protect them against known cyber threats.

Here’s how the Changeup-spreading emails read:

“You have received a secure message

“Read your secure message by opening the attachment, SecureMessage.zip. You will be prompted to open (view) the file or save (download) it to your computer. For best results, save the file first, then open it.

“If you have concerns about the validity of this message, please contact the sender directly. For questions about [bank name] e-mail encryption service, please contact technical support at [phone number]

“First time users – will need to register after opening the attachment.”

After clicking on the attachment, the user becomes a victim.



Leave a Reply

You must be logged in to post a comment.