Most file compression formats are ripe for exploitation these days. We've seen our first .arj files today:
Thank you for using our services!
Your order #37311131537 will be shipped on 05-09-2014.
Date: September 02, 2014. 03:09pm
Price: £191.50
Payment method: Wire transfer
Transaction number: 0466142997148E
Please find the detailed information on your purchase in the attached file (sale_2014-09-02_14-20-08_37311131537.arj)
Best regards,
Sales Department
Evelina Example
+07775 xxx xxx
We've trapped a couple of mails from Gmail containing malware. The malware is in the form of an attachment called "Payment.rar", "document.rar" or "INVOICES.rar"; within that file is a Windows ".scr" or ".exe" executable.
The text is like this (sic):
Dear Sir/Ma
Please check attachment for the confirmation of the part payment into your account. Thanks for your patient and we sincerely apologize for the delay. Please find swift message for the payment made via attachment and confirm back.
--
Thanks & Regard,
Rohitashwa K. Mishra,
Senior Journalist,
Dainik Bhaskar Group.
Or perhaps like this, received from mail-vc0-f194.google.com [209.85.220.194] on Tue, 29 Oct 2013 06:12:01 (sic):
Dear sir ,
Regarding to the previous order i made in your company , the goods shipped
to me are not exactly what i purchased, the attachments are the slip of
the payment i made and sample of the products i need if you have them give
me feedback and the new account so that i`ll make the next payment as you
told me .
thanks.
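
A mail-gateway triage check for the attachments described above, added here as an example (it is not code from the original post): it picks out attachments that are named or shaped like .arj/.rar archives and lists any .scr/.exe member names visible in the raw bytes. The function names, result fields and sample message are assumptions constructed for illustration, and the name scan is a heuristic, not an archive parser.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Leading magic bytes of the two archive formats named on this page.
MAGIC = {"arj": b"\x60\xea", "rar": b"Rar!\x1a\x07"}
# Heuristic: member names normally sit unencoded in ARJ and RAR headers
# (RAR header encryption hides them), so a raw scan can surface them.
EXEC_NAME = re.compile(
    rb"[\x21-\x7e][\x20-\x7e]{0,63}\.(?:scr|exe)(?![0-9A-Za-z])", re.I)

def sniff(data):
    """Return the archive type suggested by the leading bytes, or None."""
    for kind, magic in MAGIC.items():
        if data.startswith(magic):
            return kind
    return None

def triage(raw_message):
    """List archive attachments in one message and executable names inside."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
        kind = sniff(data)
        if kind is None and ext not in MAGIC:
            continue  # neither named nor shaped like an ARJ/RAR archive
        hits = sorted({m.group(0).decode("latin-1")
                       for m in EXEC_NAME.finditer(data)})
        findings.append({"attachment": name, "claimed": ext,
                         "sniffed": kind, "executables": hits})
    return findings

def sample_message():
    """Constructed sample: the blob is NOT a valid archive, only ARJ magic
    followed by padding and a NUL-terminated member name."""
    msg = EmailMessage()
    msg["Subject"] = "Your order"
    msg.set_content("Please find the detailed information in the attached file")
    blob = MAGIC["arj"] + b"\x00" * 32 + b"invoice.scr\x00"
    msg.add_attachment(blob, maintype="application",
                       subtype="octet-stream", filename="sale_sample.arj")
    return msg.as_bytes()

if __name__ == "__main__":
    for finding in triage(sample_message()):
        print(finding)
```

A finding whose "claimed" extension disagrees with the "sniffed" type, or whose "executables" list is non-empty, is a candidate for quarantine rather than delivery.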