Postcard greetings leads to site that hosts malware

June 14, 2009 by mxlab Leave a Comment

MX Lab intercepted a few samples a new postcard greeting email with the subject “You received a new greeting!!”.

The body of the email:

You have just received a postcard Greeting from someone who cares about you…

Just click here to receive your Animated Greeting !

Thank you for using www.Greetings.com services !!!
Please take this opportunity to let your friends hear about us by sending them a postcard from our collection !

The message doesn’t contains any malware attached in a zip file unlike the Hallmark eCard mailings and others but there is URL pointing directly to a malicious host: hxxp://webmail.*****.com.br/logs/Greeting.jpg. The threat is named VBS.Obfuscated-gen[Trj] when requesting the online Greetings.jpg file.

Filed under Viruses Tagged with , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>