New Drive-By Spam Infects Those Who Open Email -- No Attachment Needed

  /     /     /  
Publicated : 22/11/2024   Category : security

New Drive-By Spam Infects Those Who Open Email -- No Attachment Needed


Getting infected just got a whole lot easier, researchers say


Attackers have developed a new way to infect your PC through email -- without forcing you to click on an attachment.
According to researchers at eleven, a German security firm, the new drive-by spam automatically downloads malware when an email is opened in the email client. The user doesnt have to click on a link or open an attachment -- just opening the email is enough.
The new generation of email-borne malware consists of HTML e-mails which contain a JavaScript which automatically downloads malware when the email is opened, eleven says in a news release.This is similar to so-called drive-by downloads, which infect a PC by opening an infected website in the browser.
The current wave of drive-by spam contains the subject Banking security update and has a sender address with the domain fdic.com. If the email client allows HTML emails to be displayed, the HTML code is immediately activated.
The user only sees the note Loading…Please wait, eleven says. In the meantime, the attempt is made to scan the PC and download malware.
Aside from updating their anti-spam and anti-malware tools, users can fight the new attack by deactivating the display of HTML e-mails in their email client, eleven advises. They can choose the option of displaying emails in pure-text format only.
Have a comment on this story? Please click Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
New Drive-By Spam Infects Those Who Open Email -- No Attachment Needed