MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject “Emailing: PIC5398236.TIFF”.
This email is send from the spoofed address “xxxxx ” and has the following body:
The message is ready to be sent with the following file or link attachments:
Note: To protect against computer viruses, e-mail programs may prevent sending or receiving certain types of file attachments. Check your e-mail security settings to determine how attachments are handled.
The attached file PIC5398236.TIFF.zip contains the file PIC9020505.vbs. Not that the naming of the email, ZIP archive and malware file may vary with each email.