Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Bogus Funeral Notification Emails Point to Malware

Outline
Message purporting to be from a funeral home notifies recipients about an upcoming funeral and instructs them to click a link to view an invitation and more details about the ceremony.

Trojan Horse

© Depositphotos.com/ Steve_Allen



Brief Analysis
The email is not from any funeral home. The link in the message opens a compromised website that harbours malware. If installed, this malware may join the infected computer to a botnet and install further malware. Details in the fake notification emails may vary. If you receive one of these messages do not click any links or open any attachments that it contains.

Bookmark and Share

Example

Subject: Funeral notification

For this unprecedented event, we offer our deepest prayers of condolence and invite to you to be present at the celebration of your friends life service on Thursday, January 17, 2014 that will take place at Eubank Funeral Home at 11:00 a.m.

Please find invitation and more detailed information about the farewell ceremony here .

Best wishes and prayers,
Funeral home receptionist,

Kevin Kelly

Funeral Notice Malware


Detailed Analysis


Emails, which purport to be from various funeral homes, supposedly notify recipients of an upcoming funeral. The emails instruct recipients to click a link to access a funeral invitation and find out more details about the ceremony.

However, the emails were not sent by the funeral homes that they name. Instead, they are part of a criminal campaign designed to trick recipients into downloading and installing malware. 

The example included here claims to come from Eubank Funeral Home. This is a lie, and the Eubank Funeral Home has warned users about the scam emails via its website, noting:

Urgent Warning: An email has been sent out appearing to come from Eubank Funeral Home. Please do not open the link as it is SPAM.

Alternative versions name different funeral homes. Subject lines, formatting, and other details may vary. But, all versions contain links to compromised websites that harbour malware.

Those who do fall for the trick and click the link will reach a website that may offer a .zip download. If downloaded and unzipped, the file will reveal a malicious .exe file. When opened, this exe file can install malware on the user's computer and connect to the infamous Asprox botnet. It may also download and install other malware components.

This campaign is similar to another recent spate of malware emails that masqueraded as wedding invitations. Again, links in the emails open compromised sites that contained malware.

If you receive one of these fake funeral notification emails, do not click any links or open any attachments that it may contain.

Bookmark and Share

Last updated: January 17, 2014
First published: January 17, 2014
By Brett M. Christensen
About Hoax-Slayer

References
Eubank Funeral Home
Death Notification - Asprox Malware
Wedding Invitation Malware Emails




Go to Mobile Version