Issue 145 - December 2012 (2nd Edition) - Page 2
'You Have Received a Secure Message' Malware Emails
Email claims that you have received a secure message which can be read by opening an attached file.
The email is not form any legitimate organization and the attachment does not contain a message, secure or otherwise. In fact, the attached .zip file harbours a malicious .exe file that, if opened, can install malware on the compromised computer. If you receive one of these emails, do not open any attachments or click on any links that it may contain.
Scroll down to submit comments
Last updated: December 13, 2012
First published: December 13, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Subject: You have received a secure message
You have received a secure message
Read your secure message by opening the attachment, SecureMessage.zip. You will be prompted to open (view) the file or save (download) it to your computer. For best results, save the file first, then open it.
If you have concerns about the validity of this message, please contact the sender directly. For questions please contact the [ bank name] Secure Email Help Desk a [.....].
First time users - will need to register after opening the attachment.
About Email Encryption - [Link to bank security notice]
Malicious emails like the example shown above are currently being distributed by Internet criminals. The emails claim that users have received a secure message. They inform recipients that they can read the secure message by opening an attached .zip file. To further the illusion of legitimacy, links in some of the emails point to genuine security information on the targeted entity's real website. The emails also use spoofed addresses to make it appear that the messages really do originate from the targeted company.
The financial institution or company named in the scam emails varies considerably. Recent versions have purported to be from Bank of America and Australia's Commonwealth Bank. Another version falsely identifies networking company Cisco as the sender.
Those who fall for the ruse and unzip the attached file will then be presented with a .exe file named
"SecureMessage.exe" or similar. If they proceed to open this .exe file, they will install a version of the W32.Changeup malware
on their computers. This malware can make contact with a remote server and download and install further malware.
If you receive one of these malware emails, do not open any attachments that it may contain. Do not follow any links in the message.
Spam Contributing to Increase of W32.Changeup Infections
Pages in this issue:
- Hoax - NASA Predicts Total Blackout of Planet in Dec 2012
- 'You Have Received a Secure Message' Malware Emails
- Christmas Cards For Dalton Dingus
- Jim Carrey is NOT Dead
- Australian Power & Gas 'Payment Receipt' Malware Emails
- Gmail 'Update Account' Phishing Scam
- Starbucks Lack of Support For Iraq Troops Rumor
- Holiday Horrors - Are Common Seasonal Decorations Toxic?
- Facebook 'Site Governance' Email is Legitimate
- RapidFax Malware Email
- Facebook Survey Scam - Free Bunnings Gift Card
- Plea to Help Find Homes for 52 Thoroughbred Horses
- Giant Table and Chairs Horse Shelter Photograph
- Wrestling Star John Cena is NOT Dead
- Facebook 'Pirates' Fraud Warning
- Leptospirosis Death Warning - Rat Urine on Soda Can Top
- Egg Windshield Attack Robbery Warning
- 'Assistance Internet' Email Account Phishing Scam
- Misleading Health Advice Email - 'Mayo Clinic on Aspirin and Heart Attacks'