By Dave Michmerhuizen – Research Scientist
Sales is a high pressure job, and salespeople today are always scrambling, trying to make the next sale or line up the next order. Spammers are taking advantage of this frenetic workpace by sending out malware-laden emails pretending to be incoming orders.
Here at Barracuda Labs we usually see malicious attachments on a variety of spam types – fake package delivery notices, fake bank security alerts, even fake voicemail messages, but lately the great majority is using this “we wish to place an order” ruse.
This sort of malware distribution is a cottage industry with small operators that constantly copy and refine each other's approach, so these come-ons are all slightly different. They are often quite persuasive, with convincing details that are totally false.
The attachments on these messages are almost always password stealers and backdoors.
Since that's the case, these malware distributors put all all of their effort into refining the social engineering they use to make their messages compelling. They hope that the desire to book a new order will overwhelm the little voice that says “don't run that.”
We believe this “new order” spam must be working well for them because of it's widespread use. Don't be tricked. The vague wordings of this sort of spam is a big tipoff, and if you see an attachments , just delete the email. If you're curious, try a phone call. Pay attention to the little voice. Don't run anything you recieve in an email.