A few days later, another spam run was noticed that looked more serious and carried a zipped attachment. The hackers gave the attachment a MIME type of "image/png" so that it would appear to recipients as an image.
If anyone retrieves the picture, it turns out to be a Windows executable.
Bebeau wrote that, after analysing the file, they found it to be a Cryptowall ransomware variant. So anyone who opens the attachment expecting a resume or a picture could end up with their entire system in trouble.
Bebeau wrote that people can verify an email by looking at the header addresses before opening any attachments.
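The mismatch described above, an attachment labelled "image/png" whose content is a Windows executable, can be caught by comparing the declared MIME type with the file's leading bytes. The following is an added example, not code from the article or from Bebeau; the sample message, file names and the `application/x-msdownload` label for executables are constructed for illustration.

```python
import email
import email.policy
from email.message import EmailMessage

# Leading "magic" bytes of the file types involved in this campaign.
MAGIC = {
    "image/png": b"\x89PNG\r\n\x1a\n",
    "application/zip": b"PK\x03\x04",
    "application/x-msdownload": b"MZ",  # DOS/PE header of a Windows executable
}
EXECUTABLE = "application/x-msdownload"  # label chosen for this example


def sniff(payload: bytes) -> str:
    """Return the type implied by the payload's first bytes, or 'unknown'."""
    for mime, magic in MAGIC.items():
        if payload.startswith(magic):
            return mime
    return "unknown"


def mismatched_attachments(raw: bytes) -> list:
    """List (filename, declared, actual) where the bytes contradict the label."""
    msg = email.message_from_bytes(raw, policy=email.policy.default)
    findings = []
    for part in msg.iter_attachments():
        declared = part.get_content_type()
        actual = sniff(part.get_payload(decode=True) or b"")
        # Flag a known type that does not match, or an executable under any other label.
        hidden_exe = actual == EXECUTABLE and declared != EXECUTABLE
        if (declared in MAGIC and actual != declared) or hidden_exe:
            findings.append((part.get_filename(), declared, actual))
    return findings


def build_sample() -> bytes:
    """Constructed message: one real PNG header, one 'image/png' part starting with MZ."""
    msg = EmailMessage()
    msg["Subject"] = "My resume"
    msg.set_content("Please see attached.")
    msg.add_attachment(b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
                       maintype="image", subtype="png", filename="photo.png")
    msg.add_attachment(b"MZ\x90\x00" + b"\x00" * 60,
                       maintype="image", subtype="png", filename="resume.png")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, declared, actual in mismatched_attachments(build_sample()):
        print(f"{name}: declared {declared}, content looks like {actual}")
```

The check only inspects the outer attachment; a zipped attachment like the one in this campaign would need its archive members sniffed the same way.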
Subject lines include:
- Un-authorized User
- Verification Required
- Must verify your account
- Validate account
He said the emails claim that the recipient's account has been limited or disabled, and that to restore the account they must follow some steps in the attachment.
The form asks for people's social security number and credit card number along with their name and address. If anyone fills it in and clicks the submit button, all of their data goes to a server in Russia.