No internet connection

No Internet Connection Detected

Spoofed RapidFax Email with Trojan Attached

Spoofed RapidFax Email with Trojan Attached

If you receive an e-mail message from [RapidFAX Notifications reports@rapidfax.com] with the subject "Inbound Fax", please do not open the attached zip file because it is a Trojan. This spoofed e-mail message is not from RapidFax and is being used to try and trick persons into infecting their computers with a Trojan known as UDS:DangerousObject.Multi.Generic or Trojan.Lameshield.

Advertisement

RapidFax.com allows you to send and receive fax without a fax machine via e-mail.

If you are not a RapidFax customer and you received this e-mail message, this is the first sign that this e-mail is malicious. However, if you are a RapidFax customer, you should not click on any link or open any attachment in any e-mail message but instead, go to RapidFax.com, login from there and view your faxes.

The malicious attached zip file has name the rapidfax-E4C935577EDD.zip and when uncompressed or unzipped contains the Trojan with the name RapidFAX_MCID_000_ LOTS_OF_NUMBERS__13341.pdf.exe

This is how the malicious spoofed RepaidFax e-mail looks:

From: RapidFAX Notifications - reports@rapidfax.com

Subject: Inbound Fax  

A fax has been received.

MCFID = 15565117

Time Received = Mon, 03 Dec 2012 08:13:12 -0300

Fax Number = 1851205814

ANI = 1290610748

Number of Pages = 10

CSID = 38729681781

Fax Status Code = Successful

Please do not reply to this email

RapidFAX Customer Service

www.rapidfax.com

©2012 j2 Global, Inc. All rights reserved. RapidFAX is a registered trademark.

Check the comment section below for additional information, share what you know or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Click here help maintain Online Threat Alerts (OTA).

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Would you share this article with others?  +

Comments, Questions, Answers, or Reviews

There are no comments as yet, please leave one below or revisit.

To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews.

Write Your Comment, Question, Answer, or Review

NB: We will use your IP address to display your approximate location to other users.

Your post will be set as an anonymous because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

Spoofed RapidFax Email with Trojan Attached