Bogus Funeral Notification Emails Point to Malware
OutlineMessage purporting to be from a funeral home notifies recipients about an upcoming funeral and instructs them to click a link to view an invitation and more details about the ceremony.
© Depositphotos.com/ Steve_Allen
Brief AnalysisThe email is not from any funeral home. The link in the message opens a compromised website that harbours malware. If installed, this malware may join the infected computer to a botnet and install further malware. Details in the fake notification emails may vary. If you receive one of these messages do not click any links or open any attachments that it contains.
Subject: Funeral notification
For this unprecedented event, we offer our deepest prayers of condolence and invite to you to be present at the celebration of your friends life service on Thursday, January 17, 2014 that will take place at Eubank Funeral Home at 11:00 a.m.
Please find invitation and more detailed information about the farewell ceremony here .
Best wishes and prayers,
Funeral home receptionist,
Emails, which purport to be from various funeral homes, supposedly notify recipients of an upcoming funeral. The emails instruct recipients to click a link to access a funeral invitation and find out more details about the ceremony.
However, the emails were not sent by the funeral homes that they name. Instead, they are part of a criminal campaign designed to trick recipients into downloading and installing malware.
The example included here claims to come from Eubank Funeral Home. This is a lie, and the Eubank Funeral Home has warned users about the scam emails via its website, noting:
Urgent Warning: An email has been sent out appearing to come from Eubank Funeral Home. Please do not open the link as it is SPAM.Alternative versions name different funeral homes. Subject lines, formatting, and other details may vary. But, all versions contain links to compromised websites that harbour malware.
Those who do fall for the trick and click the link will reach a website that may offer a .zip download. If downloaded and unzipped, the file will reveal a malicious .exe file. When opened, this exe file can install malware on the user's computer and connect to the infamous Asprox botnet. It may also download and install other malware components.
This campaign is similar to another recent spate of malware emails that masqueraded as wedding invitations. Again, links in the emails open compromised sites that contained malware.
If you receive one of these fake funeral notification emails, do not click any links or open any attachments that it may contain.