Malicious Web Site / Malicious Code: Malicious Google Job Application Response
- Sunday, January 31, 2010, 16:00
- Threat Research
Websense Security Labs™ ThreatSeeker™ Network has discovered a new malicious spam campaign that spoofs Google job application responses. The messages look very well written and are so believable that they are probably scrapes from actual Google job application responses. Typically, spam has grammatical errors or spelling mistakes that make the messages obviously unofficial and act as red flags. The text of these messages, however, has no such mistakes, making them much more believable--especially if the target really has applied for a job with Google. The From: address is even spoofed to fool victims into believing the message was sent by Google. The messages have an attached file called CV-20100120-112.zip that contains a malicious payload. This is where the message gets suspicious, because the contents of the .zip file have a double extension ending with .exe. The attackers attempt to hide the .exe extension by preceding it with .html or .pdf, followed by a number of spaces and then the .exe extension. The .exe file (SHA1:80366cde71b84606ce8ecf62b5bd2e459c54942e) has little AV coverage at the moment. Websense Messaging and Websense Web Security customers are protected against this attack.
Dear sir,
I’m Arslan Tahir 22 years old, male, having experiences on Computer operator, Hardware, Networking Management & Trouble shooting.I have done Hardware & networking Diploma skill development council(Pakistan) Currently I’m looking for a Computer network engineer job depending on my so far experiences. If you have any opening position in your company, please kindly inform me accordingly. Waiting for your kind reply.
Sincerely yours,
Arslan Tahiir,
Pakistan.