A Comprehensive Guide to “Your E-mail Will Be Closed” Spam Mails

Email spam is a common threat to internet users. One such troubling spam email is the “Your E-mail Will Be Closed” message, which has become a significant concern due to its malicious nature. This article will guide you through what this email is, como funciona, and how to protect yourself from its potential harm.

Understanding the “Your E-mail Will Be Closed” Spam Mail

The “Your E-mail Will Be Closed” spam email is categorized as malspam, a type of email that contains malicious attachments or links. It deceives recipients into believing that their email account will be deactivated unless they ‘update’ it.

The trick of this spam email lies in its attachment, which masquerades as a document containing undelivered emails. This Microsoft Word document, contudo, is infected with the Agent Tesla RAT (Trojan de acesso remoto), a dangerous malware that can steal sensitive information from the infected device.

How the “Your E-mail Will Be Closed” Spam Mail Works

The deceptive email typically arrives with a subject like “EMAIL INTERFACE UPGRADE AVOID CLOSURE OF YOUR EMAIL.” It claims that the recipient’s email account will be deactivated on a specified date due to ignored updates. The recipient is urged to update their account to prevent this from happening.

When the attached document is opened, the user is asked to press the “Enable Editing” button, which then activates its malicious macro commands. These commands initiate the download and installation process of the Agent Tesla malware.

Potential Consequences of the “Your E-mail Will Be Closed” Spam Mail

Trusting an email like “Your E-mail Will Be Closed” can lead to severe consequences. These can include system infections, significant privacy issues, perdas financeiras, e até roubo de identidade. If you suspect that your device is already infected with the Agent Tesla RAT (or other malware), it is crucial to run a full system scan using reliable anti-virus software and eliminate all detected threats.

Characteristics of the “Your E-mail Will Be Closed” Malspam

The “Your E-mail Will Be Closed” malspam is characterized by the following features:

  • Nome: “Your E-mail Will Be Closed” malspam
  • Tipo de ameaça: Trojan, password-stealing virus, banking malware, spyware
  • False Claim: Email account will be deactivated unless updated
  • Anexo: Undelivered Mails.doc (o nome do arquivo pode variar)
  • Payload: Agent Tesla
  • Sintomas: Trojans are designed to infiltrate the victim’s computer stealthily and remain silent, making symptoms unclear on an infected machine
  • Métodos de distribuição: Anexos de e-mail infectados, anúncios on-line maliciosos, Engenharia social, 'rachaduras' de software
  • Dano: Senhas e informações bancárias roubadas, roubo de identidade, the victim’s computer added to a botnet

You can check the full list of detections on VirusTotal.

 

Infection Methods of Spam Campaigns

Spam campaigns like the “Your E-mail Will Be Closed” email predominantly infect computers through malicious attachments or links leading to harmful websites. These attachments and links can come in various formats, incluindo documentos (Microsoft Office, Microsoft OneNote, PDF, etc.), arquivos (fecho eclair, RAR, etc.), executáveis (.Exe, .correr, etc.), JavaScript, e mais.

When such a file is executed or opened, the infection process begins. Por exemplo, Microsoft documents infect devices by executing malicious macros, while harmful OneNote files require users to click on embedded files or links.

Preventing Malware Installation

Para evitar a instalação de malware, it’s crucial to exercise caution with incoming emails and messages. Do not open attachments or links in dubious or irrelevant emails, as they can be infectious. Além disso, using Microsoft Office versions released after 2010 is recommended, as they have the “Protected View” mode, which prevents automatic macro command execution.

Malware is also commonly spread through unreliable download sources (v.g., freeware sites, P2P sharing networks, etc.), illegal program activation tools ("rachaduras"), atualizações falsas, golpes on-line, and malvertising. Sendo assim, it’s advisable to download only from official or verified sources and update software using legitimate tools.

 

Identifying the “Your E-mail Will Be Closed” Spam Email

Here is an example of the text presented in the “Your E-mail Will Be Closed” spam email:

Subject: EMAIL INTERFACE UPGRADE AVOID CLOSURE OF YOUR EMAIL.

CLOSURE OF EMAIL 

We informed you that your E-mail will be closed ON 25/6/2022 because you have been ignoring all our upgrade messages sent to you.

If you wish to continue using your Email update now to continue using our service.

Click here to update

Notice: Ignoring this message will cause your E-mail to be terminated without your permission. MOVE MAIL TO INBOX IF SEEN IN SPAM/JUNK.

Thanks ,

Sincerely  
- Mail Protector 2023

And here is a screenshot of the malicious attachment distributed via this spam campaign (“Undelivered Mails.doc”):

 

Remoção Automática de Malware

Ferramenta antispam recomendada:

Experimente o MailWasher

A segurança de e-mail é a primeira linha de defesa contra vírus ransomware. Para fazer isso, recomendamos que você use MailWasher. MailWasher bloqueia vírus de ransomware vindos de spam e phishing, e detecta automaticamente anexos e URLs maliciosos. Além do mais, mensagens maliciosas podem ser bloqueadas antes mesmo que o destinatário as abra. Uma vez que a principal fonte de propagação de vírus ransomware são e-mails infectados, o antispam reduz significativamente o risco de um vírus aparecer no seu computador.

Baixar Mail Washer

 

Compreendendo diferentes tipos de e-mails maliciosos

There are various types of malicious emails that internet users should be aware of:

E-mails de phishing

Phishing emails are commonly used by cybercriminals to trick users into giving away their sensitive private information, como informações de login para vários serviços online, contas de e-mail, ou informações bancárias on-line. Cybercriminals often use popular service logos (v.g., Microsoft, dhl, Amazon, Netflix) and create a sense of urgency to trick users into clicking on a link. The link then redirects victims to a fake website, where they are asked to enter their password, detalhes do cartão de crédito, or other information.

 

Emails com anexos maliciosos

Cybercriminals often use email spam with malicious attachments to infect users’ computers with malware. These attachments usually carry trojans that are capable of stealing passwords, informação bancária, e outras informações confidenciais.

 

E-mails de sextorsão

Sextortion emails claim that a cybercriminal has access to the victim’s webcam and has a video recording of the victim. Para se livrar do vídeo, as vítimas são convidadas a pagar um resgate. No entanto, essas afirmações geralmente são falsas, and such emails should be ignored and deleted.

 

How to Recognize a Malicious Email

While cybercriminals try to make their lure emails look trustworthy, here are some things that you should look for when trying to spot a phishing email:

  1. Verifique o remetente ("de") endereço de e-mail: Make sure the email address is legitimate. Por exemplo, an email from Microsoft should have an @microsoft.com address, not something suspicious like @m1crosoft.com or @microsfot.com.
  2. Procure saudações genéricas: Emails that start with “Dear user” or “Dear valued customer” could be phishing attempts. Most companies will call you by your name.
  3. Confira os links no e-mail: Hover your mouse over the link in the email. If the link appears suspicious, não clique nele.
  4. Be wary of email attachments: Legitimate companies usually ask you to log in to their website and view any documents there. Se você receber um e-mail com um anexo, é uma boa ideia verificá-lo com um aplicativo antivírus.

Para minimizar o risco de abrir e-mails de phishing e maliciosos, considere usar Combo Cleaner Antivirus for macOS.

O que fazer se você cair em um golpe de e-mail

Se você caiu em um golpe de e-mail, here are some steps you should take:

  1. Mude sua senha: Se você clicou em um link em um e-mail de phishing e digitou sua senha, troque o mais rápido possível.
  2. Entre em contato com seu banco: Se você inseriu as informações do seu cartão de crédito, contact your bank immediately.
  3. Contact the authorities: If you see signs of identity theft, contact the Federal Trade Commission.
  4. Escaneie seu computador: Se você abriu um anexo malicioso, escaneie seu computador com um aplicativo antivírus confiável.

perguntas frequentes (Perguntas frequentes)

Por que recebi este e-mail?

Spam mail is not personal. Cybercriminals send it in massive operations, so thousands of users receive identical emails.

I have read a spam email but didn’t open the attachment, meu computador está infectado?

Devices are infected when malicious attachments or links are opened. Merely reading an email will not initiate any system infection processes.

I have downloaded and opened a file attached to a spam email, meu computador está infectado?

Whether your device was infected might depend on the opened file’s format. Uma vez aberto, executáveis (.Exe, .correr, etc.) cause infections almost without fail. While documents (.doc, .xls, .one, .pdf, etc.) may need additional user interaction (v.g., enabling macros, clicking embedded files/links, etc.) to start downloading/installing malware.

 

Deixe uma resposta

seu endereço de e-mail não será publicado. Os campos obrigatórios estão marcados *