Your Funds Will Be Transfered

Filed Under: SophosLabs, Spam

This morning while monitoring our spam traps I was greeted with the following proposition:

 

Added to the suspiciously poor spelling and grammar, the message also has an attachment named "WU Money Sent.exe."

By this point any sane person would have deleted the email with its attachment and got back to watching England's depressingly poor performance in the 4th Ashes Test. However, if the thought of an innings defeat drives you to the madness of running such an attachment then the following note would be displayed:

 

While this text file is displayed the self-extracting rar file (proactively detected as Mal/Dropper-PQ) runs malware designed to terminate certain AV programs and silently installs a keylogger that will record all keystrokes on the machine.

The only funds likely to transfered in this scenario will be going out of your account.

You might like

About the author

James Wyke is a Senior Threat Researcher with SophosLabs UK