Threat Outbreak Alert RuleID20422: Email Messages Distributing Malicious Software on January 13, 2016

2016-01-13T18:49:33
ID CISCO-THREAT-43000
Type ciscothreats
Reporter Cisco
Modified 2016-01-13T18:49:33

Description

Medium

Alert ID: 43000

First Published: 2016 January 13 18:49 GMT

Version: 1

Summary

  • Cisco Security has detected significant activity related to spam email messages distributing malicious software.

Email messages that are related to this threat (RuleID20422) may contain the following files:

Name | Size in Bytes | MD5 Checksum
---|---|---
forward_period.doc | 207,872 | 0x93CBF7D73040C604337D62361E65A525

The following text is a sample of the email message that is associated with this threat outbreak:

> Subject: End of magazine forwarding notification - USPS Change of Address request

Message Body:

To ensure you receive your USPS mail forwarding notification emails, please add AddressChange@USPS.gov to your address book now. If youre having trouble viewing this email, you can view it in your browser.
usps.com
Dear customer,
Your 60-day magazine forwarding period will end on January 13, 2016.
For more detailed information, please see the attached DOC.
Please note: New subscriptions and mail already coming to your new address will not be affected.
Still getting magazines forwarded with yellow labels? To continue receiving your magazines, please change your address directly with the magazine publisher. Yellow stickers with your new address are placed on mail forwarded by the U.S. Postal Service. To receive your mail faster, notify the sender of your new address.
Please make sure to notify other important parties of your change of address. Mail forwarding only covers certain classes of mail for a period of up to 12 months. Many government agencies and mailers will not change your address without direct contact from you, so it is important that you notify parties directly.
Order Status
Order Submitted On:
October 14, 2015
Requested Start Date:
October 14, 2015
Confirmation Code:
1526-7900-0023-8030
For more detailed information, please see the attached DOC.
Note
Please do not reply to this message. This email message was sent from a notification-only address that cannot accept incoming email.
Copyright 2016 Imagitas, Inc. and United States Postal Service. All Rights Reserved.

Cisco security appliances can help protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Cisco Web Security Appliances help secure and control web and email traffic by offering layers of malware protection. Cisco security appliances are automatically updated to help prevent both spam email and hostile web URLs from being passed to the end user.

Related Links
Cisco Security
Cisco SenderBase Security Network

Revision History

  • Version | Description | Section | Date
    ---|---|---|---
    1 | Initial Release | | 2016-January-13 18:49 GMT

Legal Disclaimer

  • THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products