Outline
Email purporting to be from fax to email service RapidFax claims that a received fax can be viewed by opening an attached file.
Brief Analysis
The message is not from RapidFax. The attached zip file contains malware.
Example
Subject: Inbound Fax
A fax has been received.
MCFID = 74887842
Time Received = Tue, 04 Dec 2012 10:56:12 +0700
Fax Number = 7302936127
ANI = 7272765955
Number of Pages = 16
CSID = 78125793173
Fax Status Code = Successful
Please do not reply to this email.
RapidFAX Customer Service
www.rapidfax.com
Detailed Analysis
This message, which purports to be from online fax to email service RapidFax, claims that a fax has been received and can be viewed by opening an attached file. The email includes a list of details about the supposed fax along with the RapidFax logo and links to associated websites.
However, the email is not from RapidFax and the attachment does not contain a fax as claimed. In fact, the attachment contains a .zip file that harbours a trojan.
Unzipping the attached file reveals a malicious .exe file. If the user proceeds to open this .exe file, the trojan will be installed on his or her computer.
Typically, such trojans can make contact with remote servers controlled by cybercriminals, harvest sensitive information from the compromised computer and download further malware.
If you receive one of these emails, do not open any attachments or click any links that it may contain.
Original Source : https://www.hoax-slayer.net/rapidfax-malware-email/