Online Threat Alerts (OTA) - Alerting you to scams and frauds.

Spoofed RapidFax Email with Trojan Attached
Spoofed RapidFax Email with Trojan Attached

If you receive an e-mail message from [RapidFAX Notifications reports@rapidfax.com] with the subject "Inbound Fax", please do not open the attached zip file because it is a Trojan. This spoofed e-mail message is not from RapidFax and is being used to try and trick persons into infecting their computers with a Trojan known as UDS:DangerousObject.Multi.Generic or Trojan.Lameshield.

RapidFax.com allows you to send and receive fax without a fax machine via e-mail.

If you are not a RapidFax customer and you received this e-mail message, this is the first sign that this e-mail is malicious. However, if you are a RapidFax customer, you should not click on any link or open any attachment in any e-mail message but instead, go to RapidFax.com, login from there and view your faxes.

The malicious attached zip file has name the rapidfax-E4C935577EDD.zip and when uncompressed or unzipped contains the Trojan with the name RapidFAX_MCID_000_ LOTS_OF_NUMBERS__13341.pdf.exe

This is how the malicious spoofed RepaidFax e-mail looks:

From: RapidFAX Notifications - reports@rapidfax.com

Subject: Inbound Fax

A fax has been received.

MCFID = 15565117

Time Received = Mon, 03 Dec 2012 08:13:12 -0300

Fax Number = 1851205814

ANI = 1290610748

Number of Pages = 10

CSID = 38729681781

Fax Status Code = Successful

Please do not reply to this email

RapidFAX Customer Service

www.rapidfax.com

©2012 j2 Global, Inc. All rights reserved. RapidFAX is a registered trademark.

waiting