Open this malware or I'll sue you

New malicious email attachments come with accusations, threats.

The latest social engineering trick to get victims to open malicious email attachments accuses them of being spammers and threatens to sue them if they don't stop.

It's all in an attempt to get targets to open up the zip attachment by telling them it contains evidence of their spamming. Actually it's an .exe file that infects the machine but displays like a document, according to the Websense Security Labs Blog.

MORE: Bigger isn't better when it comes to social engineering attacks

The attachment installs a downloader Trojan that copies itself to the system path so it executes when the system boots up. It connects to remote servers to download specific exploit files. The blog says the current attacks could contain other variants of the Trojan as attachments.

The new attack cropped up Monday in WebSense's ThreatSeeker network that gathers data about malicious email campaigns. The emails are dressed up to look like they come from real businesses that is upset because the recipient has been spamming them. "The emails even formally claims that legal action will be taken because of the spam you have sent," says the blog.

The blog includes an image containing the text of one such email: "Hello. Your email is sending spam messages! If you don't stop sending spam, we will be impelled to sue you! We've attached a scanned copy of the document assembled by our security service to this letter. Please carefully read through the document and stop sending spam messages. This is the final warning!

Subject lines include "You are sending ad messages", "We are going to sue you", "This is the final warning", "We've sent you a copy of a complaint" and "A message from our security service".

Learn more about this topic

1 in 3 in Massachusetts had personal data compromised 

RSA spearphish attack may have hit US defense organizations

Phishing attacks spiked in late 2010

Join the discussion
Be the first to comment on this article. Our Commenting Policies