Description
Cisco Security Intelligence Operations has detected significant activity related to Portuguese-language spam e-mail messages that claim to contain a debt collection notification for the recipient. The text in the e-mail message attempts to convince the recipient to follow a link and view the details. However, the link directs the user to a malicious .zip file, that when executed, attempts to infect the system with malicious code.
E-mail messages that are related to this threat (RuleID5481) may contain any of the following files:
Fatura-CobrancaFev.zip
The Fatura-CobrancaFev.zip attachment has no file size and MD5 checksum available.
The following text section is a sample of the e-mail message that is associated with this threat outbreak:
Subject: Segue em anexo a fatura 564365/02 para pagamento, referente ao mes 02/13.
Message Body:
L C R Cobranças,
Informa que você tem até 10/03/2013 para efetuar o pagamento da fatura referente atraso do mês 02 (fevereiro) 2013, caso o pagamento
não seja efetuado será levado a protesto após a data mencionada.
Parcela_Referente_Fevereiro.zip
Source: Cisco