Cancer E-mails Deliver Malware

Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  

AppRiver researchers are warning of a malicious spam campaign that appears to come from the U.K.'s National Institute for Health and Care Excellence (NICE) (h/t The Register).

"We have been sent a sample of your blood analysis for further research," the e-mails state. "During the complete blood count (CBC) we have revealed that white blood cells is very low, and unfortunately we have a suspicion of a cancer. ... We suggest you to print out your CBC test results and interpretations in attachment below and visit your family doctor as soon as possible."

The attachment is a ZIP file containing an executable with a PDF icon. The executable takes control of the victim's PC, then steals browser cookies and Outlook passwords, and uploads the data to a remote server. "This is all very common behavior for the ZeuS family of malware which is still very common in today’s attacks," writes AppRiver's Fred Touchette.

"A spam e-mail purporting to come from NICE is being sent to members of the public regarding cancer test results," NICE chief executive Sir Andrew Dillon said in a statement. "This e-mail is likely to cause distress to recipients since it advises that ‘test results' indicate they may have cancer. This malicious e-mail is not from NICE and we are currently investigating its origin. We take this matter very seriously and have reported it to the police."

Photo courtesy of Shutterstock.


Loading Comments...