• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Advisory – Microsoft Windows PowerShell Command Execution Vulnerability
August 5, 2019
Rewterz Threat Alert – Kassino Campaign Spreading Agent Tesla via Phishing Emails
August 5, 2019

Rewterz Threat Alert – Beware of Emails Asking You to “Confirm Your Unsubscribe” Request

August 5, 2019

Severity

Medium

Analysis Summary

A long-running scam email campaign that pretends to be an unsubscribe confirmation request has seen an uptick recently. These emails should never be clicked on or responded to as they are designed to harvest working email addresses or to perform some other type of scam.

Over the past week, a constant stream of emails with subjects like “Confirm your unsubscribe request” or “Client #980920318

Unlike normal unsubscribe notifications, these scam emails do not contain any indication of what you are unsubscribing from and simply state.

image-1565004241.png

Furthermore, these emails come in a variety of templates, with some being more professional looking like the one below.

More professional looking scam email variant

While others, not so much.

Not-so-professional scam email variant

If you are looking for trouble and click on the unsubscribe button, it will compose a new message with the subject of “Unsubscribe”, no message body, and will want to send the email to 15 to 20 email addresses. These email addresses are for domains hosted by noip.com’s free dynamic DNS service.

Sending unsubscribe email to 15+ email addresses

Indicators of Compromise

Email Subject

Confirm your unsubscribe request
Client #980920318

Remediation

Always be suspicious about emails sent by unknown senders.
Never click on the link/attachments sent by unknown senders.

  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.