Malware Alert: Booking Reservations at Westminster Hotel, Export License Copies

Two types of spam emails you should look out for

Cybercriminals are running spam campaigns designed to trick users into installing malware on their computers. A couple of interesting spam runs have been analyzed by Webroot’s Dancho Danchev.

The first campaign leverages bogus notifications entitled “Your Booking Reservation at Westminster Hotel.” The emails inform recipients that a hotel reservation has been made on their behalf.

Cybercriminals rely on the fact that users will rush to open the attachment to learn more details. In reality, the attachment is a new version of Trojan-PSW.Win32.Tepfer.

The threat connects to a command and control server that’s been used for Vodafone scams as well.

The second spam run identified by Danchev notifies potential victims that they’ve received an “export license and payment invoice.”

“Kindly open to see export License and payment invoice attached, meanwhile we sent the balance payment yesterday,” the messages read.

The emails carry a piece of malware that turns infected computers into a botnet zombie.

If you come across such emails, be sure to ignore them.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s