How do you react if you receive an email with subject “Your file has been uploaded”?

A spam campaign sending emails from an “Auto ImageService” with the subject “Your file has been uploaded” is making its round on the Internet.

The content of the email (see below) is very simple and advertises a link to a photo taken with a digital camera (DCIM stands for Digital Camera IMages) which was allegedly uploaded to some online image service.

And now to my question: How do you react if you see such an email in your Inbox ?

 

spam-upload-picture

 

I guess, most people would think: “What file? Oh, a photo? Hmm…”

And here it goes:

– You know that JPG is a photo. Do you have compromising photos on your computer ? Is it maybe one of those photos? Better quickly check it…Click.

Btw, if you are in this situation, you may want to check this article: Tips to secure your photos (including those with you naked)

– You don’t know that JPG is a photo. You react to “file uploaded” and you click.

 

Fortunately, at the moment when I checked this URL it was redirecting to a Russian website with online pharmacy.

However, the target website at the first level of redirect was an obfuscated Javascript file that was just redirecting to the final website (Russian).

Such websites might look at the first glance completely  safe, but don’t be so sure that they remain like this.

At any point in time this can change.

DO NOT CLICK! NEVER!

Just erase such emails.

Always have an antivirus software up and running. Ideally have a more complex solution with antispam and web filtering as well so that you have all attack vectors covered.

 


© Copyright 2014 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch