FYI...

Airlines - infected ticket invoices...
Attachment contains same Trojan horse that stole 1.6M records from Monster.com last year
- http://preview.tinyurl.com/66ayhz
July 28, 2008 (Computerworld) - "Several airlines, including Delta Air Lines Inc. and Northwest Airlines Corp., have warned customers that bogus e-mails posing as ticket invoices contain malware and urged them to immediately delete the messages. A researcher at McAfee Inc. confirmed the campaign in a post to the company's blog*. The e-mails, which purport to be from an airline, thank the recipient for using a new "Buy flight ticket Online" service on the airline's site, provide a log-in username and password, and say the person's credit card has been charged an amount usually in the $400 range. An attachment claims to be the invoice for the ticket and credit card charge..."
* http://www.avertlabs.com/research/blog/ind...m-takes-flight/

More...
- http://www.f-secure.com/weblog/archives/00001477.html
July 30, 2008 - "... Today when we saw a large spam run sending out fake JetBlue etickets... The mail contains a ZIP file that contains the file eTicket#1721.exe which we detect as Trojan-Spy:W32/Zbot.QO. The malware itself tries to steal usernames and passwords to online banks..."
(Screenshot available at the F-secure URL above.)

- http://www.us-cert.gov/current/#airline_e_...et_email_attack
July 31, 2008



This post has been edited by AplusWebMaster: Aug 5 2008, 04:29 AM

FYI...

Payment Request SPAM contains malware
- http://blog.trendmicro.com/payment-request...ntains-malware/
Nov. 18, 2009 - "TrendLabs researchers received spammed messages purporting to have come from various companies such as eBay, J.P. Morgan Chase and Co., and Colgate-Palmolive, among others. The email bore the subject, “Payment request from,” and informs users about a certain recorded payment request... The spammed message even gave users two options—to either ignore the email if the payment request has been made or to download the attached .ZIP file and install the inspector module to decline the said payment request. If the user does not make any transaction, he/she still needs to download the attachment just to cancel the payment request. The attached .ZIP file is, of course, not an inspector module but an .EXE file (module.exe) detected by Trend Micro as TROJ_AGENTT.WTRA. Users are advised to be wary before opening -any- attached files even if they come from known sources. It is also best to verify emails you receive from any company first just to be sure it is legitimate..."

(Screenshots available at the URL above.)

FYI...

FDA targets online pharmacy counterfeits
- http://www.theregister.co.uk/2009/11/20/fd...harmacy_action/
20 November 2009 - "The US Food and Drug Administration said it has completed a sweep of illegal online pharmacies that targeted 136 websites that appeared to be illegally selling drugs to American consumers... Websites peddling Viagra, steroids and other pharmaceuticals have emerged as a major source of spam over the past few years. In addition to clogging inboxes, the sites can put customers' health at risk because the drugs are frequently counterfeits. According to a study released in August, almost 90 percent of online drugstores advertised on Microsoft's Bing search engine violated federal and state laws... The FDA said the notices* sent to service providers and registrars may give them grounds to terminate service to their customers."
* http://www.fda.gov/NewsEvents/Newsroom/Pre...s/ucm191330.htm

> http://www.fda.gov/ForConsumers/ConsumerUp...s/ucm048396.htm

- http://forums.whatthetech.com/SPAM_frauds_...st&p=611190



This post has been edited by AplusWebMaster: Today, 06:25 AM