'You Are Invited To Our Wedding' Spam Campaign Unleashes Trojan.Win32.Kuluoz Malware
Cybercrooks and hackers are ruthless when it comes to using what may seem to be a harmless email message to scam computer users. In the latest spamming scam that we have taken notice to, hackers are peddling a bogus wedding invitation email to spread a new variant of the malicious Trojan horse known as Trojan.Win32.Kuluoz, a threat capable of downloading and installing other malware onto an infected PC.
Lets all face the reality; computer scams come in all shapes, sizes and colors. In the latest spam campaign, one using a clever wedding invitation, it sends out a message with an embedded link at the bottom all claiming that you have been invited to "Celebrate the Our Wedding...Followed by a Reception." The message even claims that it is from "White wedding agency", which could be easily mistaken for a legitimate wedding company.
Variations of the actual spam email message reads (Figure 1): "You are Cordially Invited to Celebrate the Our Wedding On Tuesday March the 29 at Four O'clock Followed by a Reception. Get Full Invitation Text" Quickly pointing out the fact that the sentence does not use proper grammar, is a big red flag as to the legitimacy of such a message. ThreatTrack Security experts, who reportedly first identified this spam campaign, examined the message's embedded link to found that loads an archive file hosted on a compromised website. The file contains a Word document but is actually a variant of the Trojan.Win32.Kuluoz malware.
Figure 1. Spam Wedding invitation message with a malicious link spreading malware - Source: softpedia.com
Variations of the Trojan.Win32.Kuluoz malware that we have reported on, such as Trojan.Downloader.Kuluoz.B, is known for spreading poser emails and persuading recipients to open malicious files through enticing reservation or invitation messages. Moreover, this malware is apt to install other malware without any indications to the computer user.
Using a wedding invitation, although rife with poor grammar, is a rather clever and all-too familiar way for cybercrooks to scam PC users or infect their system with malware. As always, we reiterate how important it is to treat such messages with extreme caution and to never click on embedded links or download attachments on emails that have the least bit of suspicion. Additionally, it is prudent that antispyware or antivirus software be utilize at all times to detect and prevent malware infections from spam emails laced with malicious links or malicious attached files.