Hope You're Using Protection as Love Letter MalSpam has Nasty Surprises

[LASER_oneXM]

Content source

https://www.bleepingcomputer.com/news/security/hope-youre-using-protection-as-love-letter-malspam-has-nasty-surprises/

It is almost February and love is in the air, but that doesn't mean you should open every love letter you receive. A large malspam campaign has been discovered that uses romantic and endearing email subjects to trick recipients into getting infected with ransomware, miners, and more.

The "Love Letter" campaign consists of emails that contains romantic and endearing subjects such as "Love You" and "This is my love letter to you". Attached to these emails are ZIP attachments such as Love_You_14473721-2019-txt.zip, which contain a JavaScript file with a similar name.

Malspam continues to be a strong and widely used vector to distribute malware and users should always be suspicious of emails from strangers, especially ones with strange attachments. BleepingComputer recommends that users always scan attachments using a service like VirusTotal, and if you were not expecting an attachment, to contact the sender to confirm.

Update 1/14/19 8:14 PM EST:

Updated list of subjects from information Sev, a Security Researcher in the Emerging Threats team at ProofPoint, who has been tracking the Phorpiex spambot for some time.