Stolen passwords used as bait in malware spam run

At the rate at which databases of various online services are currently being compromised, I expect that emails such as this latest one spotted by Symantec will become a common occurrence:

Notice the greeting. It’s followed by the user’s password (obscured here for obvious reasons).

“Seeing private data in an email like this would definitely raise suspicions that the sender has some kind of connection to the recipient, or worse, has comprised their account details,” says the researcher. “The ultimate goal for the sender is that the user’s curiosity would be piqued sufficiently to open the attachment which would, of course, deliver the inevitable malware payload.”

In this case, the malicious payload is the information-stealing Zeus Trojan, and the compromised password seems to come from the database of a popular social gaming website.

The problem with these massive database compromises is that potential cyber attackers gain a lot of personal information about users, allowing them to tailor further attacks by luring them in by citing correct information that will make them accept the validity of the message.

Once again, users are advised to never open an attachment or a link contained in unsolicited emails and, if in doubt, to confirm its authenticity by checking with the alleged sender.




Share this