Spoofed RapidFax Email with Trojan Attached
Feb 13, 2013
Dec 10, 2012
If you receive an e-mail message from [RapidFAX Notifications email@example.com] with the subject “Inbound Fax”, please do not open the attached zip file because it is a Trojan. This spoofed e-mail message is not from RapidFax and is being used to try and trick persons into infecting their computers with a Trojan known as UDS:DangerousObject.Multi.Generic or Trojan.Lameshield.
Please continue reading below.
RapidFax.com allows you to send and receive fax without a fax machine via e-mail.
If you are not a RapidFax customer and you received this e-mail message, this is the first sign that this e-mail is malicious. However, if you are a RapidFax customer, you should not click on any link or open any attachment in any e-mail message but instead, go to RapidFax.com, login from there and view your faxes.
The malicious attached zip file has name the rapidfax-E4C935577EDD.zip and when uncompressed or unzipped contains the Trojan with the name RapidFAX_MCID_000_ LOTS_OF_NUMBERS__13341.pdf.exe
This is how the malicious spoofed RepaidFax e-mail looks:
From: RapidFAX Notifications - firstname.lastname@example.org
Subject: Inbound Fax
A fax has been received.
MCFID = 15565117
Time Received = Mon, 03 Dec 2012 08:13:12 -0300
Fax Number = 1851205814
ANI = 1290610748
Number of Pages = 10
CSID = 38729681781
Fax Status Code = Successful
Please do not reply to this email
RapidFAX Customer Service
©2012 j2 Global, Inc. All rights reserved. RapidFAX is a registered trademark.
Remember to leave your comment and read the ones made by others below. And, please report malicious, phishing or scam email messages, social media posts and websites to us. You may click here to contact us, or forward the email messages to: email@example.com .
Alert and help your family and friends by sharing this article with them: