new egold phisher - this time it's a malware executable
So, the e-gold phishers are at it again... received a very nice email this morning with an attachment. The Received-From header showed this beauty: "from 195.56.214.184 (dwwsaviej@cable-214-184.hszob.fibernet.bacs-net.hu [195.56.214.184] (may be forged))"
Indeed!
Don't know if it's a trojan, spyware, virus, or worm, and I couldn't care less since I don't use egold, but would be interesting (just for curiosity's sake) if someone were to disassemble it to see what it does. It's probably a password grabber of some kind, so falls under spyware, but who knows what other evil payloads were in the attachment.
ROTFL!
-------------------------------------------------------------------------
Text said:
Dear E-gold Customer,
Herewith we strongly recommend you to install this Service Pack to your PC, as lately we have received a lot of complains regarding unauthorized cash withdrawals from our customers' accounts. This upgrade blocks all currently known Trojan modules and eliminates the possibility of cash withdrawals without your authorization. We highly recommend to install this Service Pack to secure your accounts. Please note, that E-gold doesn't take any responsibility and doesn't accept any claims regarding losses caused by fraudulent actions, if your account has not been duly protected by the present Service Pack.
Please find enclosed the archive of the Service Pack installation file in the attachment to this message.
Got another one today with a RAR attachment claiming it was a screen shot. Text is:
Dear Sir
Yesterday you have arrived the amount of $1000 into my account. Of course, I do not object, but you probably were mistaken number of the account when transferred, and it happens not first time. Please look an attached screenshot of all your transfers into my account. I have no idea why you transfer money to me, as I do not know you, and I need no money. If you were mistaken, I'll return this money to you!
Sincerely.
Nice... what's next? an egold transfer from a lawyer claiming a long lost uncle kicked the bucket and left me a fortune? :-D Wheee!
sunder wrote:
So, the e-gold phishers are at it again... received a very nice email this morning with an attachment. The Received-From header showed this beauty: "from 195.56.214.184 (dwwsaviej@cable-214-184.hszob.fibernet.bacs-net.hu [195.56.214.184] (may be forged))"
Indeed!
Don't know if it's a trojan, spyware, virus, or worm, and I couldn't care less since I don't use egold, but would be interesting (just for curiosity's sake) if someone were to disassemble it to see what it does. It's probably a password grabber of some kind, so falls under spyware, but who knows what other evil payloads were in the attachment.
ROTFL!
-------------------------------------------------------------------------
Text said:
Dear E-gold Customer,
Herewith we strongly recommend you to install this Service Pack to your PC, as lately we have received a lot of complains regarding unauthorized cash withdrawals from our customers' accounts. This upgrade blocks all currently known Trojan modules and eliminates the possibility of cash withdrawals without your authorization. We highly recommend to install this Service Pack to secure your accounts. Please note, that E-gold doesn't take any responsibility and doesn't accept any claims regarding losses caused by fraudulent actions, if your account has not been duly protected by the present Service Pack.
Please find enclosed the archive of the Service Pack installation file in the attachment to this message.