This malicious e-mail was written from overseas country though; those have been being sent in Korea via e-mail.
Because it was disguised as a "Credit card suspension information mail", in case of general credit card holder, they can see the mail and download and execute attachments without doubt.
2. Spreading path and symptoms of infection
This kind of malicious e-mail can be received on using internet by personal e-mail account information leakage. In addition malicious file attached in e-mail can be downloaded including SNS, Instant messenger.
This following figure is the one of those e-mails.
* Similar malicious e-mails
* Mail body
Subject: Your credit card has been blocked
Dear User,
ATTENTION : Your credit card is blocked!
With your credit card was removed $ 586,96
Possibly illegal operation!
More info in the attached file.
Immediately contact your bank.
Best wishes, VISA CUSTOMER SERVICES.
Attachments: sample.exe
Subject: MASTER CARD TEAM 03
Dear Consumer,
Your credit card is blocked!
Your credit card was withdrawn $ 5107,94
Possibly illegal operation!
More information in the attached file.
Instantly contact your bank.
Best Wishes, MASTER CARD Team.
Attachments: fedex78123.exe
Subject: Your credit card has been blocked
Dear User,
ATTENTION : Your credit card is blocked!
With your credit card was removed $ 586,96
Possibly illegal operation!
More info in the attached file.
Immediately contact your bank.
Best wishes, VISA CUSTOMER SERVICES.
Attachments: sample.exe
Subject: MASTER CARD TEAM 03
Dear Consumer,
Your credit card is blocked!
Your credit card was withdrawn $ 5107,94
Possibly illegal operation!
More information in the attached file.
Instantly contact your bank.
Best Wishes, MASTER CARD Team.
Attachments: fedex78123.exe
This mail leads user to download attachments for getting more details about credit card suspension.
Those malicious e-mails may contain following files as an attachments.
These attachments’ file name may be changed in vary. The files attached malicious e-mail are usually fake anti-virus installation file. Detailed analysis is on process.
3. How to prevent
General user can hardly notice something happened in his PC while spreading malicious file with using social engineering.
To use PC safely from security threats of these malicious files, we recommend following tips "Security management tips" for general users.
Security management tips
1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.
1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.
INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function such as malicious file stated above and runs responding system 24 hours against various security threats.
Diagnosis name
- Trojan/W32.Agent.81408.MM
- Trojan/W32.Agent.79872.KV
- Trojan/W32.Agent.67584.OP
شركة شراء اثاث مستعمل بالرياض
ReplyDeleteشركة تنظيف مجالس بالرياض
شركة تنظيف شقق بالرياض
شركة تنظيف خزانات بالرياض
شركة تنظيف بيارات بالرياض
شركة جلي بلاط بالرياض
شركة تخزين اثاث بالرياض
شركة عزل الاسطح بالرياض
شركة مكافحة النمل الابيض بالرياض
شركة كشف تسربات المياه بالطائف
شركة تخزين عفش بالطائف
كيفية التخلص من الصراصير
شركة تنظيف فلل بالطائف
شركة مكافحة الصراصير بالطائف