Look out today for a sophisticated DVD phishing scam using a compromised MailChimp account to deliver malicious code. The email from ‘DVDs Manager’ is framed as an ’Order confirmation.’
The email states “Thank you for your order…we’re getting your order ready to be shipped. We will notify you when it has been sent” with a link for curious email users to click to ‘View your order.’
The link is to a benign .docx file hosted on MailChimp. The .docx file contains 2 x OLE objects, both of which are CDF documents and can be opened in Microsoft Word or Excel.
The CDF documents themselves contain malicious macros, which are presumed to download a remote executable. With this attack, the crafty cybercriminals have tried to bypass content scanners by linking to a benign file (docx files cannot contain code), and by hiding the macro code in the embedded objects within the document itself.
MailGuard urges Australians to hesitate before clicking any type of attachment or link in an email if they’re uncertain of its legitimacy.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web security to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.