December 30, 2010

New Year themed Malicious Email on the Prowl


Websense Security Labs™ ThreatSeeker™ Network has discovered a slew of New Year-themed malicious emails circulating today. Websense customers are protected proactively against this ongoing malicious spam campaign by ACE, our Advanced Classification Engine.

As illustrated above, the email has an image urging the user to update their Flash Player. This is an effort to deceive users into clicking the image, which then prompts them to download what turns out to be a fake Flash Player installer.

This malware [MD5:d35d7c8d74b83fa80dd1458d40c91799] is currently recognized by 11/43 AV engines in VirusTotal. 

Subjects in this malicious email campaign include:

  • GCARDS New Year
  • Greeting Cards
  • Greeting Postcard
  • New Year
  • Happy New Year 2011!

An interesting tactic that spammers used in this campaign is the use of the HTML comment tag. While this is not new, it hasn't been as popular as invisible text, which we have been seeing for a while now. Needless to say, this is yet another effort by spammers to evade detection by anti-spam engines.
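The following is an added example, not code from the original post or from Websense: a filter-side check that strips HTML comments before content matching and scores how heavily a message leans on them. It assumes comments are used both as filler and to break up words; the threshold, the function names and both sample bodies are constructed for illustration.

```python
from html.parser import HTMLParser

MAX_COMMENT_RATIO = 0.5  # assumed threshold; tune against real mail

class _Collector(HTMLParser):
    """Record text, comments and tags in document order."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts = []
    def handle_data(self, data):
        self.parts.append(("text", data))
    def handle_comment(self, data):
        self.parts.append(("comment", data))
    def handle_starttag(self, tag, attrs):
        self.parts.append(("tag", tag))
    def handle_endtag(self, tag):
        self.parts.append(("tag", tag))

def audit_html(body):
    """Return the rendered text plus two comment-abuse signals."""
    parser = _Collector()
    parser.feed(body)
    parser.close()  # flush any trailing text still buffered
    visible = "".join(d for k, d in parser.parts if k == "text")
    visible = " ".join(visible.split())  # what the recipient actually reads
    comment_chars = sum(len(d) for k, d in parser.parts if k == "comment")
    splits, prev_char, after_comment = 0, "", False
    for kind, data in parser.parts:
        if kind == "comment":
            after_comment = True
        elif kind == "text" and data:
            # A comment wedged between two alphanumerics hides a token.
            if after_comment and prev_char.isalnum() and data[0].isalnum():
                splits += 1
            prev_char, after_comment = data[-1], False
        else:
            prev_char, after_comment = "", False  # a tag ends the word
    ratio = comment_chars / max(1, comment_chars + len(visible))
    return {"visible": visible, "comment_ratio": round(ratio, 3),
            "split_words": splits,
            "suspicious": splits > 0 or ratio > MAX_COMMENT_RATIO}

# Constructed samples, not taken from the campaign.
SAMPLE = ('<html><body><!-- quarterly report attached for the finance team review -->'
          '<p>Happy New Year! Update your Fl<!-- meeting notes -->ash Pla<!-- agenda -->yer'
          ' to view your greeting card.</p>'
          '<!-- the weather was pleasant and the garden is in bloom this spring -->'
          '</body></html>')
BENIGN = '<html><body><!-- header --><p>Happy New Year from the team.</p></body></html>'

if __name__ == "__main__":
    print(audit_html(SAMPLE), audit_html(BENIGN), sep="\n")
```

Legitimate mail can carry large comments too (Outlook conditional comments, for example), so the ratio works better as one input to a score than as a verdict on its own.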

Below is a simpler variation of this malicious email. The link provided also prompts users to download a fake Flash Player installer.

