  • Status: Solved

Suspiciously legitimate spam containing virus zip files

Hi,

I have a client running a 2011SBS server for Exchange and File Sharing.  The server is protected by AVG Business antivirus which is up to date.

My client has emailed today saying that they are getting a suspicious number of spam emails coming in which seem to be clever enough to look like they are legitimate.  The examples given were:

We receive an email pretending to be a mobile phone bill from O2 when all our phones are from O2, we've received a mortgage completion statement from a company we deal with that was a virus in the zip file, and we've had an investment report from another company we have been dealing with containing a zip file with a virus.

Can anyone identify whether this is just pure coincidence or whether they feel something else is at play? I've run a company-wide virus scan and nothing is picked up, but it does seem a bit odd that some of these spam emails seem so relevant.  Does this ring any bells with anyone or is it just coincidence and something a decent spam filtering service can deal with?

Thanks
Asked:
amlydiate
 
Simon Butler (Sembee), Consultant, commented:
There is a spam campaign that has been running for about a month that is very slick.
This blog posting explains more.

http://blog.mxlab.eu/2013/10/07/new-trojan-variant-comes-in-multiple-formats-from-the-sender-fraudaexp-com-and-servicescitibank-com/

The comments are also interesting, and it sounds like the group responsible may have increased their scope.

Simon.
 
Nick Rhode, IT Director, commented:
Typically I have an external spam filter or an internal one (like a Barracuda) to deal with these spam emails.  It is a little random and spoofing with payment (bills), BBB, and USPS are all common tricks to inject the virus.  If you have a spam filter I would suggest bumping it up a little bit to hopefully snag them.
 
amlydiate (Author) commented:
Thanks Sembee, that article exactly matched my client's experience, so it looks like it's infected PCs elsewhere doing the damage.