For the 3rd day running we are seeing vast quantities of email-attached malware. Today the spoofed sender was DHL with subjects like “DHL Express Service”. The emails included standard test such as:
Dear customer.
The parcel was sent your home address.
And it will arrive within 3 business day.
More information and the tracking number are attached in document below.
Thank you.
© 1994-2011 DHL Express Services, Inc.
In their desperation to push out more malware today the senders seem to have overlooked the required filename change – the “DHL.zip” files are now carrying …… UPS.exe (as distributed in the last 2 days).
There is a clear push to build a large number of infected computers – maybe an attempted botnet rebuild following the demise of Rustock in mid-March? The graph below shows the malware portions of daily email (orange line), with large daily outbreaks clearly visible.
