BKDR_LIFTOH.AD
Threat Scorecard
Ranking: 3,403
Threat Level: 10 % (Normal)
Infected Computers: 2,952
First Seen: October 21, 2013
Last Seen: September 20, 2023
OS(es) Affected: Windows
Computer users located in the United Kingdom are at risk of an email phishing scam that involves fake emails claiming to contain 'Medical Laboratory Results'. Many computer users in the United Kingdom may expect to receive laboratory results from Allergan Limited. However, fake email messages claiming to come from Allergan Limited are being circulated to distribute threats such as BKDR_LIFTOH.AD. BKDR_LIFTOH.AD is a backdoor Trojan designed to download and install a variant of the infamous ZeuS Trojan. Subject lines associated with this scam contain a variant of 'Medical Laboratory Results: MEFHNAO796MEFHNAO791', and the body of the email message reads:
'Further to our telephone conversation, please find details attached in response to your medical information inquiry. I have been advised that you can contact them, and they should be able to assist you.'
The supposed email attachment is the BKDR_LIFTOH.AD infection. Computer users should be wary of the fact that BKDR_LIFTOH.AD is distributed as a DOC file, that is, a Microsoft Office document. Many computer users are not aware that DOC files may be used to distribute threats in the same way as executable files or files with suspicious extensions. BKDR_LIFTOH.AD takes advantage of a known vulnerability in Microsoft Office to execute harmful code on the victim's computer. Once installed, BKDR_LIFTOH.AD creates a backdoor on the affected computer, connects to a remote server, and downloads and installs a ZeuS Trojan variant. Unsafe email messages are not the only distribution channel: BKDR_LIFTOH.AD has also been observed in association with known social media and instant messaging scams and spam.
Dealing with and Preventing Email Scams Like Those Used to Distribute BKDR_LIFTOH.AD
The best way to prevent email scams like the one used to infect computers with BKDR_LIFTOH.AD is to use a strong anti-spam filter to make sure that these types of messages do not make it into your email inbox. It is important to never open email attachments that are unexpected or unsolicited, even if they come from a known source (in many cases, the 'known source' may have been infected with threats designed to force it to send out compromised email to its contacts). If you do business with Allergan Limited, preferably obtain confirmation from the laboratory before opening any email attachments sent your way.
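As an added example (not EnigmaSoft's or any vendor's code), a mail-filter check built from the lure traits described above: the 'Medical Laboratory Results' subject, the quoted body sentence, and a Word attachment. The quarantine rule that combines them, the function names, and the sample messages (addresses, file names, attachment bytes) are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage

# Traits come from the lure described above; combining them this way is an assumption.
SUBJECT_RE = re.compile(r"medical\s+laboratory\s+results", re.I)
BODY_RE = re.compile(r"further\s+to\s+our\s+telephone\s+conversation", re.I)


def lure_indicators(raw_message: str) -> list:
    """Return which lure traits appear in one raw RFC 5322 message."""
    msg = message_from_string(raw_message, policy=policy.default)
    hits = []
    if SUBJECT_RE.search(str(msg["Subject"] or "")):
        hits.append("subject")
    body = msg.get_body(preferencelist=("plain", "html"))
    if body is not None and BODY_RE.search(body.get_content()):
        hits.append("body")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        # Match on extension or declared type, since either can be absent.
        if name.endswith(".doc") or part.get_content_type() == "application/msword":
            hits.append("doc_attachment")
            break
    return hits


def should_quarantine(raw_message: str) -> bool:
    """Hold the message when a Word attachment accompanies either text trait."""
    hits = lure_indicators(raw_message)
    return "doc_attachment" in hits and ("subject" in hits or "body" in hits)


def build_sample(subject: str, text: str, attachment: str = "") -> str:
    """Build a constructed test message; addresses and bytes are placeholders."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "lab@example.test", "user@example.test", subject
    m.set_content(text)
    if attachment:
        m.add_attachment(b"constructed placeholder", maintype="application",
                         subtype="msword", filename=attachment)
    return m.as_string()


LURE = build_sample("Medical Laboratory Results: MEFHNAO796MEFHNAO791",
                    "Further to our telephone conversation, please find details attached.",
                    "results.doc")
BENIGN = build_sample("Lunch on Friday", "See you at noon.", "menu.doc")

if __name__ == "__main__":
    print(should_quarantine(LURE), should_quarantine(BENIGN))
```

A Word attachment alone does not trigger the hold, so ordinary document mail still passes; only the combination with the lure's subject or body text is quarantined.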