Threat Outbreak Alert: Fake Payment Order Attachment E-mail Messages on September 22, 2010

Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a payment order for the recipient.  The text in the e-mail message instructs the recipient to open the attached file to view the invoice details.  However, the attachment is a malicious .html file that, when executed, attempts to infect the system with malicious code.

E-mail messages that are related to this threat (RuleID2987) may contain the following file: 33907_inv.html

The 33907_inv.html file has an approximate file size of 5,960 bytes.  The MD5 checksum, which is a unique identifier of the executable, is unavailable.

The following text is a sample of the e-mail message that is associated with this threat outbreak:

Subject: fire breathing tuition invoice

Message Body:

Here is PO for Luna s driver


Leave a Reply