Data443 & Cyren
Products
- - - Products
    - For OEMs
    - Malware Detection
    - Malware Analysis
    - URL Categorization
    - Email Security
    - Threat Intelligence
    - For Enterprises
    - Malware Analysis
    - Inbox Security for Office 365
    - Threat Intelligence
  - - In the News
      
      Online Businesses Become a Phisher’s Playground
      Not nearly enough businesses have deployed sufficient security measures against phishing attacks through website builders and CMS platforms.Read Article on DarkReading >
      
      Go to Newsroom >
Solutions
- - - Expert Support
      
      Cyren’s dedicated security analysts have the expertise to deeply investigate sophisticated threats – their embedded documents and messy code.
      
      And from their vantage point across companies, geographies, and industries, analysts can track emerging attack vectors and prevent breaches.
      
      “For any false positive or user reported items, we do not need to be involved. Cyren’s dedicated team is on top of all these items.”
      
      via Gartner Peer Insights
Resources
- - - Recent Posts
      - Analyzing behavior to protect against BEC attacks December 22, 2022
      - Using NLP techniques to protect against BEC attacks December 8, 2022
      - Phishing with QR codes December 1, 2022
Company
- - - Company
    - About Cyren
    - Careers
    - Management
    - In the News
    - Contact Us
  - - In the News
      
      Online Businesses Become a Phisher’s Playground
      Not nearly enough businesses have deployed sufficient security measures against phishing attacks through website builders and CMS platforms.Read Article on DarkReading >
      
      Go to Newsroom >
BOOK A DEMO

Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Dusty old spam trick used to send dusty old malware

“Your message could not be delivered”. It’s one of the oldest methods in the social-engineering-for spam-and malware-emails handbook. You are receiving notice that an email you sent has not reached its recipient – so sad.

And of course the attachment must contain the mysterious email. But it doesn’t. It contains a zipped variant of MyDoom malware. (First variants of MyDoom were sited on the 26^th January 2004). The attachment has wall-to-wall VirusTotal coverage of nearly 98% (42 out of 43 engines including Commtouch’s Command Antivirus).

Email Text:

Your message was undeliverable due to the following reason(s):

Your message could not be delivered because the destination computer was not reachable within the allowed queue period. The amount of time a message is queued before it is returned depends on local configura- tion parameters.

Most likely there is a network problem that prevented delivery, but it is also possible that the computer is turned off, or does not have a mail system running right now.

Your message could not be delivered within 6 days:

Host —– is not responding.

The following recipients could not receive this message:

Commtouchâ€™s labs have seen a significant increase in the number of websites infected with malware. There are currently 34% more malicious sites listed in Commtouchâ€™s GlobalView URL filtering database than there were when we reported Web security statistics as part of our April Quarterly Threats Trend Report.

A recent example: This LinkedIn invitation email led to a site with a Blackhole exploit kit.

The number of phishing sites detected has also increased, but only marginally (3.6%) over the same period. Phishing attacks aim at the usual targets such as PayPal. The attack below is hidden inside a legitimate site.

Entering login details on the well-crafted landing page leads to a further â€œenter your informationâ€ page that wants ALL your data: date of birth, social security number, phone and address, credit card details, and ATM PIN (!).

Finally the phishing site confirms that you have entered all required data before forwarding you to a genuine PayPal login screen.

Dec 1, 2011 | Security Research & Analysis

Categories

You might also like

Analyzing behavior to protect against BEC attacks

Business Email Compromise

Understanding “normal” behaviors in email exchanges are key to combating advanced phishing and BEC attacks by John Stevenson Detecting Business Email Compromise (BEC) In the final part of our series of blogs on Business Email Compromise (BEC), it’s time to look at how...

Using NLP techniques to protect against BEC attacks

Business Email Compromise, Office 365, Phishing

How Natural Language Programming help combat phishing and BEC attacks by John Stevenson Business Email Compromise (BEC) Business Email Compromise (BEC) covers a range of email attacks that typically share a common core attribute. There is no obvious executable...

Phishing with QR codes

Phishing, Security Research & Analysis

Don’t Scan or be Scammed By Maharlito Aquino, Kervin Alintanahin and Dexter To In 1994, a type of the matrix barcode known as the Quick Response code, now widely known as QR code, was invented by Masahiro Hara from a Japanese company Denso Wave. The purpose of the...