Scammers Exploit Vacation Hangover with Malware Attacks

It is not surprising to see scammers exploiting the laxity of Internet users.

Symantec has observed another malware wave over the past few days following the holiday season, as many users check their utility and official emails post-vacation to see if they missed out important ones. This is where spammers take their chances that users will click on malicious links in their emails.

In this wave of attacks, spammers are taking advantage of users’ urgency to open a link and respond to the email instantaneously. When this happens, the malware infects users’ computers and extracts confidential data.

Last week, I too, received some delivery failure notification emails that claim to be from well-known stores with an online presence, stating that I missed out a couple of parcels while I was away on vacation.

At first, I wondered how it happened since I did not place any orders, and the thought that they might be surprise gifts also crossed my mind.

However, just before clicking the link, I checked the status bar only to find that the link had been spoofed. This raised my level of suspicion, which was further confirmed by the language and grammatical errors used in the email, as shown in the following figure:

figure1_10.png

Figure 1: A spam email with grammatical errors and a malicious link

Similarly, there was an email in which the spammer masquerades another well-known brand, making the message appear to be a statement, while embedding a malicious link.

Fortunately, there was a goof-up between the template used by the brand and the email headers which belonged to another email, with no association between both. Upon further inspection, it was found that the embedded link contained a malware.

The spam run also used a hijacked URL as shown in the following figure:
 
figure2_9.png
Figure 2. Another spam email on delivery failure

I bumped into another email which invited me to attend the funeral of someone I did not know. I began to check if I knew the family by any chance, or if it was a college friend, or a neighbor, but then discovered that the link in the email was malicious.

figure3_5.png
Figure 3: A spam email on a funeral notice

Such spam emails require users to adopt a two pronged approach–to be on guard while sieving through emails, and be able to see through the mistakes made by scammers.

Some of which could be a coercion to click on a link immediately, but they are full of grammatical errors, faulty sentence structures, tactical errors of spoofing one retail operator and associating the email headers with a competitor. Another tactic employed in such spams is the use of hijacked domains and URLs which are rotated and recycled over time, but have no association with the brands or entity.

While you are overcoming your post-holiday blues, Symantec recommends that you exercise diligence when dealing with your emails, and not let scammers exploit your vacation hangover.

Leave a Reply