Spam E-Mail Campaign Targets Italy and Spain to Spread Ransomware - How to, Technology and PC Security Forum |

Spam E-Mail Campaign Targets Italy and Spain to Spread Ransomware

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Security-PadlockF-Secure’s researchers have reported that their customers in Italy and Spain have been victims of spam e-mail campaigns initiated to spread ransomware. The spam was disguised as e-mails sent by a courier service convincing the user that a parcel had to be collected. A link to track the package was also provided within the e-mail. The researchers then performed an investigation and discovered that the link redirected users to Google. However, further examination revealed a malicious scheme based on predefined conditions.

Download a System Scanner, to See If Your System Has Been Affected By CryptoWall.

It was noted that the first two URLs were written in PHP which was executed on the server side. Researchers then realized that the servers were then establishing whether to redirect the potential victim to Google or a malicious website.

Campaign Targets Italy

It is possible that the spam e-mails were targeting only customers based in Italy since the messages were written in Italian. With the help of the online privacy and security application called Freedome, the researchers set the location to Milan and clicked on the link provided in the spam message. The results revealed that if the user was located in Italy, the server would ‘decide’ to redirect him to a cloud-stored malicious file. CryptoLocker and CryptoWall ransomware were likely to attack victims if files were executed.

Similar Scheme Found in Spain

The company found a similar spam campaign targeted at Spanish users. However, the Spanish version was a bit more sophisticated, offering a CAPTCHA code to insert authenticity.

Luckily, the reported malicious operations do not use exploit kits, just the classical social engineering tricks.
Furthermore, F-Secure customers can relax since the company blocked all URLs and detected the malicious files.

Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share