Recently, we reported how HTML attachments were being used in various spam campaigns such as phishing attacks, email harvesting attacks, and 419 scams. Spammers have included a few more file formats, again in an attempt to escape anti-spam filters. As experienced previously with HTML attachments, these new file formats are also getting used in several different spam categories.
In the first example, we discuss the MHT file format attached with phishing emails. When a Web page is saved as a Web archive in Internet Explorer, it gets saved to a Multipurpose Internet Mail Extension HTML format with an MHT extension. Further information can be found here. An attached MHT file works similar to an HTML file and opens a legitimate-looking Web page. This Web page looks exactly like a legitimate bank page, asking for critical financial information from the recipients. This information can also be submitted to the phisher’s site. Most importantly, this kind of attachment can be malicious and also carry risks, similar to an attached HTML file.
Translation (Italian to English) of Mail body: