GenericDownloader.ab Trojan Found In Fake Invoice and Airline E-Ticket Emails

Malware E-Mails Disguised as Invoices and E-Tickets contain the GenericDownloader.ab Trojan

Recent reports from McAfee have stated that malware is being distributed through e-mail in the form of airline e-tickets and UPS invoices. The price of air travel is already outrageous so you want to be sure your purchased airline ticket is secured right?. If you are one of the lucky ones and recently purchased an airline ticket, 9 times out of 10 you are going to open a received email related to an "airline ticket". What better way to spread malware onto computer users than using a fake airline e-ticket, airline titled email or even a UPS invoice?

Through further examination of these types of emails, it was confirmed that the threats are variants of a downloader called Generic Downloader.ab which is classified as a Trojan infection. Because many Trojans are manually installed they can utilize emails such as in the case of fake e-tickets and UPS invoice messages. Once the Generic Downloader.ab trojan is installed it attempts to access a remote host ( where it could send your personal information to a remote user or hacker.

Have you ever had UPS or FedEx mess up a shipment of yours?

Don't you want to be sure that any package shipped to you makes it to the correct address? If so, you are going to open an email that says something about your package not getting delivered. The fake UPS invoice email states something similar to "your last shipment could not be delivered because the address was wrong". The email further explains that you must print out the invoice and bring it to your local UPS office to obtain your package. The invoice itself is the malware. When you access it to print it off the infection is executed.

The fake airline ticket or e-ticket email says in the body of the message that an account has been created for your credit card used for purchase of tickets. Now common since would tell you that you did not recently purchase an airline ticket. But if you did, you may easily become a victim of this scam. This time the attachment looks like it is in the form of a MS Word document. Once you click on this attachment it is too late, you must now remove this Trojan.

Tip: The danger of opening email attachments or accessing links on suspicious emails has always been a serious threat. You must remember hackers are always changing ways to trick you and you must stay ahead of the game to avoid damaging your computer or exposing your personal information.

Have you ever received an email and clicked on an attachment and nothing happened? Did you later find out that you were infected with a Trojan?

Tags: .