Spammers are using downloadable coupons as a method of spreading malware.


Trend Micro has revealed that several campaigns are being used by cybercriminals to spread malware with vouchers that offer money off products, flights and guides.


Anti-spam research engineer Maydalene Salvador claimed that it was very similar to social-engineering campaigns that used McDonald's and Coca-Cola identities.


In this instance popular brands such as Ikea, Symantec, Jack Daniel's and British Airways were all used for this recent campaign, with spam emails sent that promote a coupon and instructing the recipient to open the attached coupon to cash in on savings.

Trend Micro reports that instead of a coupon, the attachment actually contains an .exe file that compromises the victim's computer. The malicious coupons have been detected as the TROJ_DROPPER.FYU, which downloads and executes a malicious file that makes multiple changes to the Windows registry that allows it to run at every system startup, as well as bypassing the Windows Firewall. As a result, malicious routines of the downloaded file are exhibited on the affected system.