Malicious Holiday Coupons and Promotions: McDonald's and Coca-Cola
Threat Type: Malicious Web Site / Malicious Code
Websense® Security Labs™ ThreatSeeker™ Network has discovered another infectious holiday email making the rounds. Victims are receiving messages promoting a coupon from McDonald's or a holiday promotion from the Coca-Cola company. Both messages include a .zip attachment that contains either coupon.exe or promotion.exe. The malicious files (SHA1 ca973b0e458f0e0cca13636bd88784b80ccae24d) are Trojan Droppers, but have low anti-virus detection at the moment.
The McDonald's email claims to present their latest discount menu, and states that the attached coupon should be printed. The Coca-Cola email states that the attachment has details about their new online game and a chance to win Coca-Cola drinks for life.
Screenshot of spoofed McDonald's email:
Screenshot of spoofed Coca-Cola email:
Websense Messaging customers are protected against these threats.