Spammers Fake Responses from Google Job Applications
- Wednesday, February 3, 2010, 19:48
- Threat Research
- 8 views
A new spam campaign gives the phrase “too good to be true” a whole new spin: spammed messages purporting to come from Google in response to job applications. While most spammed messages take advantage of a specific special occasion, holiday, or even a currently newsworthy item, spammers have hit a new low with their latest scheme.
Taking the form of job application responses from Google, the email even sports the official Google logo with an accompanied legitimate From: address. With close-to-perfect grammar and syntax (unlike most known spammed messages), it is becoming even trickier to distinguish real email messages from fake ones. And why would users not want to believe what the message says? Google has always been commended for being a more-than-ideal workplace. Receiving word regarding a job application from the company is thus great news indeed. But is viewing a suspicious-looking email message, especially if you did not even send an application in the first place, worth infecting your computer?
The latter part of the spammed message is even more suspicious, as it asks the recipient to download a .ZIP file attachment, CV-20100120-112.ZIP, which then opens a prompt to download the file with a different name (document.doc) and a hidden extension (.EXE), detected by Trend Micro as WORM_SPYBOT.MCP.
Cybercriminals have also been known to make use of spaces to hide the real extension names of file attachments.
...Read the original story
