Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« Outrageous | Main | A Portuguese Deposit »

January 08, 2013

UAE Product Inquiry

I've seen a few instances of a malware delivery email message that might trip up a number of recipients.

Here is the first version:

From: Alkharji Trade Co UAE Subject: Product Enquiry

Dear Sir/Madam,


We are interested in purchasing your products and we sincerely hope to
establish a long-term business relation with your esteemed company.


Please kindly view our samples HERE and HERE then send me your latest catalog. Also, inform me about the Minimum
and maximum Order Quantity, Current Delivery time or FOB, and also current
payment terms warranty.


Your early reply is highly appreciated.


Kind Regards,
Ahmed

The links in the message lead to SendSpace (and one URL was malformed to omit the ".com", so that will certainly hurt their efficiency...boo hoo), where the files are named sample1.zip and sample2.zip. Sadly, both files came up squeaky clean on VirusTotal. But both files expand to .exe files. One had fair coverage in VirusTotal (although many big-named AV products didn't recognize the files as malware over 12 hours later), while the other was recognized by only one AV vendor.

Another variant this morning has the same basic theme, but the zipped files are attached to the email message.

If you have been in business for as long as I have, you are familiar with these kinds of blind product information requests arriving from time to time. But this one won't lead to any business. Instead, its files will give you the business...if you know what I mean.

Posted on January 08, 2013 at 11:04 AM