Spam campaign from Canadian Pharmacy also contains web based threats
February 15, 2010 1 Comment
MX Lab detected several email based threats in a spam campaign from Canadian Pharmacy masked as an order confirmation of Amazon.
The campaign comes from the spoofed email address Customer Support <***.***@service.amazon.com> and has the possible following subjects (*** numbers will vary):
Confirm #***
Confirmation Order #***
Notice #***
Notify #***
Notification #***
Order Confirmation #***
Order Notice #***
Order Notify #***
Order Notification #***
The body of the email:
Your Order S\n:10444064511 Accepted.
Details hxxp://www.klaudiusz.ramtel.pl/afrikaners.htmlThank you.
Amazon.com Customer Support
The campaign is detected yesterday but today we found a few threaths when following the included URLs. One threat was named HTML:iFrame-LZ[Trj] (Avast).
HTML:iFrame-LZ[Trj] is a malicious HTML script that may be downloaded unknowingly by a user when visiting malicious Web sites. The script will make connection to sites to download file(s). As a result, malicious routines of the downloaded files are exhibited on the affected system.
Write to all koieto found on the Internet from Canadian Pharmacy
Exactly these are the most annoying! Continuous my full post idiotic letters!
This from Canadian Pharmacy are absolute morons!
You think your advertising you do?
No, this is not advertising – it is a demonstration of arrogance and crap!
Drug shove his mother ….. …….. where the sun does not shine!
And stop filling my e-mails with idiotic!!