PandaLabs has detected an email message claiming to be a special Christmas offer from McDonald’s, but which really spreads the P2PShared.U worm.
The email subject is “Mcdonalds wishes you Merry Christmas!” while the message text reads as follows:
“McDonald's is proud to present our latest discount menu. Simply print the coupon from this Email and head to your local McDonald's for FREE giveaways and AWESOME savings.”
To make the message look more authentic, the sender's address shows the “mcdonalds.com” domain. The message also contains a drop–down menu for the targeted user to choose their country, a cunning detail given the fact the emails claim to come from a multinational company such as McDonald’s.
This malicious code also uses a different set of emails to spread. In this case, the message subject is “You have recieved (sic) a Hallmark E-Card from your friend”.
The message text prompts users to download and run the attached message in order to open the card.
In both cases, if the user follows the instructions in the email, downloads the attachment and tries to open it, they will actually be downloading a copy of P2PShared.U and will install it on their computer.
“These emails use social engineering in different ways. Both emails attract users’ attention with Christmas-related subjects. However, the first email also exploits the financial crisis by inviting users to download a coupon for gifts and savings; a very effective lure", explained Luis Corrons, technical director of PandaLabs.
Once on the computer, the worm sends out emails with the same subject and appearance to other users.
Finally, it copies itself to folders of various P2P file-sharing programs (eMule, LimeWire, Morpheus, etc.) with names relating to security software, image editing programmes, programme cracks, etc. This way, any user that tries to download any of these applications will be actually letting a copy of the worm into their computer.
To avoid these infections Panda advises users not to open messages from unknown senders, and in particular, not to open any attachments they might contain or click any links in them.
What Are Cookies
As is common practice with almost all professional websites, our site uses cookies, which are tiny files that are downloaded to your device, to improve your experience.
This document describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored however this may downgrade or ‘break’ certain elements of the sites functionality.
How We Use Cookies
We use cookies for a variety of reasons detailed below. Unfortunately, in most cases there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to the site. It is recommended that you leave on all cookies if you are not sure whether you need them or not, in case they are used to provide a service that you use.
The types of cookies used on this website can be classified into one of three categories:
- Strictly Necessary Cookies. These are essential in order to enable you to use certain features of the website, such as submitting forms on the website.
- Functionality Cookies.These are used to allow the website to remember choices you make (such as your language) and provide enhanced features to improve your web experience.
- Analytical / Navigation Cookies. These cookies enable the site to function correctly and are used to gather information about how visitors use the site. This information is used to compile reports and help us to improve the site. Cookies gather information in anonymous form, including the number of visitors to the site, where visitors came from and the pages they viewed.
Disabling Cookies
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser’s “Help” option on how to do this). Be aware that disabling cookies may affect the functionality of this and many other websites that you visit. Therefore, it is recommended that you do not disable cookies.
Third Party Cookies
In some special cases we also use cookies provided by trusted third parties. Our site uses [Google Analytics] which is one of the most widespread and trusted analytics solutions on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so that we can continue to produce engaging content. For more information on Google Analytics cookies, see the official Google Analytics page.
Google Analytics
Google Analytics is Google’s analytics tool that helps our website to understand how visitors engage with their properties. It may use a set of cookies to collect information and report website usage statistics without personally identifying individual visitors to Google. The main cookie used by Google Analytics is the ‘__ga’ cookie.
In addition to reporting website usage statistics, Google Analytics can also be used, together with some of the advertising cookies, to help show more relevant ads on Google properties (like Google Search) and across the web and to measure interactions with the ads Google shows.
Learn more about Analytics cookies and privacy information.
Use of IP Addresses. An IP address is a numeric code that identifies your device on the Internet. We might use your IP address and browser type to help analyze usage patterns and diagnose problems on this website and to improve the service we offer to you. But without additional information your IP address does not identify you as an individual.
Your Choice. When you accessed this website, our cookies were sent to your web browser and stored on your device. By using our website, you agree to the use of cookies and similar technologies.
More Information
Hopefully the above information has clarified things for you. As it was previously mentioned, if you are not sure whether you want to allow the cookies or not, it is usually safer to leave cookies enabled in case it interacts with one of the features you use on our site. However, if you are still looking for more information, then feel free to contact us via email at [email protected]