By Dave Michmerhuizen – Research Scientist, Luis Chapetti – Security Researcher
Malicious spam uses a variety of techniques to persuade you to click on links; fear and greed are popular, but the most popular technique is curiosity. Some appeals to a user’s curiousity are familiar; fake faxes, sexy come-ons, package delivery notifications, all the sorts of things that experienced email users delete without a second glance.
But what about an important change log?
Change control is a part of many business processes. Programmers, data maintainers, document editors, inventory specialists and accounting professionals are all likely to keep detailed logs of changes to data and share those logs via email. Since these sorts of emails are anticipated and desired, recipients are less likely to to be suspicious of them. Curiosity takes over.
These are copies of some changelog themed spam that we saw a bunch of in 2012.
In this case, curiosity will kill your computer. Both the link and the HTML attachment quickly redirect the user’s web browser to a website hosting the Blackhole exploit kit. This is the malware delivery method of choice at the moment. They are easy for spammers to set up and most malicious spam attempts to deliver the user to such a site which will attack the browser and install a password stealer.
When it comes to malware, spam is the most common attack vector. Treat the contents of your inbox as guilty until proven innocent. Don’t let curiosity get the better of you – or of your computer.