Recently, a group of unknown hackers have taken to an old spamming method that involves pretending to be a trusted entity in order to spread malware. The trusted entity in this case happens to be the security software vendor Kaspersky.
Hackers are relentless when it comes to finding new creative ways to scam computer users out of their money. You may be surprised to know that what is considered to be an old spamming tactic utilized by hackers is now new again. During the upcoming holiday season, cybercrooks will be working overtime pulling out all of the tricks from their malicious arsenal.
For years Kaspersky has been a provider of PC security software. They are among a very long list of security providers who have been exploited in one way or another by cybercrooks. This time the exploitation involves an email message touting an 'Antivirus & Security Complete Antivirus Protection Solution.' Moreover, the email appears to have come from the email address 'Sale@Kaspersky.com.'
Astonishingly, as reported by net-security.org, the email message contains links that redirect users to a page that resembles the colors and look of a Symantec site versus a Kaspersky site. Initially, the email resembles Kaspersky but the embedded links' website fails to provide a clear correlation of the two. As you may already know, Symantec is also a company that provides security software for PCs. Additionally, Symantec is yet another security firm who has been exploited many times in the past by cybercrooks peddling fake antivirus or bogus antispyware programs.
During a quick examination the recent spam message and embedded malicious link that initially exploits Kaspersky, we took special note to it offering 'The Best AntiVirus Online 2011', which is advertised as a security program that will offer users the chance to detect and remove malware. Quite possibly, this application could be either one of the well-known rogue anti-virus programs such as Antivirus 2011 and Best Antivirus 2011, which we provided a removal reports earlier this year. Amazingly, users are not able to download the 'Best AntiVirus Online 2011' program but instead are offered a form to enter their email address and credit card details to receive further instructions to buy the program. It is quite possible during the time that this scam was on a more active basis that it could have allowed a download of the AV solution application.
Obviously by the nature of this scam, the cybercrooks behind it are in the business of collecting personal data to later use in a malicious manner. It would be wise to treat suspicious emails as you would any other spam message.
As the holidays approach, we suspect that you will see more spam messages not only attempting to sell some type of fake security application, but ones pimping other high-demand products. You must do all that you can to avoid spam tricks and online shopping scams to stay ahead of the cybercrooks.
What was the last spam email that exploited a trusted company or entity that you received? Did you click on any links in the spam email or download any attachments?