Hey you,
BE IN THE KNOW!

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:


Spam E-Mail Campaign Targets Italy and Spain to Spread Ransomware

Security-PadlockF-Secure’s researchers have reported that their customers in Italy and Spain have been victims of spam e-mail campaigns initiated to spread ransomware. The spam was disguised as e-mails sent by a courier service convincing the user that a parcel had to be collected. A link to track the package was also provided within the e-mail. The researchers then performed an investigation and discovered that the link redirected users to Google. However, further examination revealed a malicious scheme based on predefined conditions.

Download a System Scanner, to See If Your System Has Been Affected By CryptoWall.

It was noted that the first two URLs were written in PHP which was executed on the server side. Researchers then realized that the servers were then establishing whether to redirect the potential victim to Google or a malicious website.

Campaign Targets Italy

It is possible that the spam e-mails were targeting only customers based in Italy since the messages were written in Italian. With the help of the online privacy and security application called Freedome, the researchers set the location to Milan and clicked on the link provided in the spam message. The results revealed that if the user was located in Italy, the server would ‘decide’ to redirect him to a cloud-stored malicious file. CryptoLocker and CryptoWall ransomware were likely to attack victims if files were executed.

Similar Scheme Found in Spain

The company found a similar spam campaign targeted at Spanish users. However, the Spanish version was a bit more sophisticated, offering a CAPTCHA code to insert authenticity.

Luckily, the reported malicious operations do not use exploit kits, just the classical social engineering tricks.
Furthermore, F-Secure customers can relax since the company blocked all URLs and detected the malicious files.

donload_now_250
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

Berta Bilbao

Berta is the Editor-in-Chief of SensorsTechForum. She is a dedicated malware researcher, dreaming for a more secure cyber space.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.