Spoofed RapidFax Email with Trojan Attached
RapidFax.com allows you to send and receive fax without a fax machine via e-mail.
If you are not a RapidFax customer and you received this e-mail message, this is the first sign that this e-mail is malicious. However, if you are a RapidFax customer, you should not click on any link or open any attachment in any e-mail message but instead, go to RapidFax.com, login from there and view your faxes.
The malicious attached zip file has name the rapidfax-E4C935577EDD.zip and when uncompressed or unzipped contains the Trojan with the name RapidFAX_MCID_000_ LOTS_OF_NUMBERS__13341.pdf.exe
This is how the malicious spoofed RepaidFax e-mail looks:
From: RapidFAX Notifications - firstname.lastname@example.org
Subject: Inbound Fax
A fax has been received.
MCFID = 15565117
Time Received = Mon, 03 Dec 2012 08:13:12 -0300
Fax Number = 1851205814
ANI = 1290610748
Number of Pages = 10
CSID = 38729681781
Fax Status Code = Successful
Please do not reply to this email
RapidFAX Customer Service
©2012 j2 Global, Inc. All rights reserved. RapidFAX is a registered trademark.
Check the comment section below for additional information, share what you know or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search
Click here help maintain Online Threat Alerts (OTA).
Note: Some of the information in samples on this website may have been impersonated or spoofed.
Comments, Questions, Answers, or Reviews
To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews.
Write Your Comment, Question, Answer, or Review
NB: We will use your IP address to display your approximate location to other users.