Websense Security Labs Blog

Websense Security Labs discovers, investigates and reports on advanced Internet threats that traditional security
research methods miss.

"We are going to sue you" scare tactic used in malicious Emails

View all posts > 

"We are going to sue you" scare tactic used in malicious Emails

Posted: 20 Sep 2011 11:05 PM | Xue Yang | no comments


"What do I do if my email account has been spamming to the outside? I just got an email warning me that I will be sued!"


Don't worry just yet. When spam cannot lure you, then they will try to scare you! Here is a spam social engineered to trick to you into launching malware.


Websense® ThreatSeeker® Network has detected that an email campaign broke out on 19th September, 2011. In this campaign, emails are spoofed to appear as though they are sent from established companies. The emails even formally claims that legal action will be taken because of the spam you have sent. These emails with the fake warning even attach a ZIP file that contains a scanned copy of a document that is supposed evidence of your spam.


Websense protects against these kinds of blended threats with ACE, our Advanced Classification Engine.


One example of the spam email:



The spam outbreak uses several alerting subject headings to attract readers' attention. The ZIP file is actually an EXE file disguised as a document after decompression. It's a kind of Trojan.Downloader virus confirmed by VirusTotal. When the trojan triggers, it copies itself to the system path under the Startup folder and deletes itself. Whenever you start the computer, the trojan will execute. This trojan can connect to remote servers and download malicious files.  


Here are some emails we received that have the malicious ZIP file attached:  



This campaign could potentially contain other variants of the trojan as attachments, however we will continue to monitor it!



Leave a Comment


Email address: (required)