That’s Malware, Not Apple Gift Card

A spam email is making the rounds where an unsuspecting victim may think he is winning a $200 Apple Store Gift Card.

Wrong.

If the victim clicks on the link, they end up downloading a nasty piece of malware.

RELATED STORIES
Malware Shifts to New Port Range
Spam Botnet Dodges Detection
Customized Mobile Number Harvesting
Custom Spam Uses Personal Data

“Dear client! You got our $200 Apple Store Gift Card,” the message, crafted to look like a legitimate email from Apple, reads. “Please click the link or look at the attachment to obtain the Apple Store Gift Card code.”

Victims that follow the instructions will instead download malware that steals data from their computer. A MacRumors report indicates the malware only compromises Windows-based machines.

The spam currently making the rounds came on the radar of security researchers at Webroot, who detailed the nature of the campaign in a blog post.

“What’s particularly interesting about this campaign is that the cyber criminal(s) behind it are mixing the infection vectors by relying on both a malicious attachment and a link to the same malware found in the malicious emails. Users can become infected by either executing the attachment or by clicking on the client-side exploits serving link found in the emails,” Danchev wrote in the post.

Email phishing, spamming and scamming has been around for years, but lately attackers have become increasingly creative with their campaigns.