“Kaspersky email virus”. What is that email scam?

The Kaspersky email virus is a notorious callsign for the unwanted email spam you can get in your mailbox. These emails consist of fake statements about your PC safety from Kaspersky – famous antivirus vendor. In this letter, you are said that the recent scan showed that your email account contains several dangerous files. As the letter states, to approve the virus removal and see the scan details, you need to follow the attached link. In fact, that link is just a phishing page. You will read the comprehensive explanation of this fraudulent scheme, as well as the risks related to it in this short article.

GridinSoft Anti-Malware Review

GridinSoft Anti-Malware

Removing email scam manually may take hours and may damage your PC in the process. I recommend you to download GridinSoft Anti-Malware for threats removal. Allows to complete scan and cure your PC during the trial period.
6-day trial available for threats removal.
EULA | Privacy Policy | GridinSoft

What is the Kaspersky email virus?

The name which was attached to this phishing by scared users does not mean that a person from Kaspersky really notifies you about the detected viruses on your mailbox. The fraudsters who steal the credentials in such a method just choose this callsign to lull the vigilance. Name of the Kaspersky is a recognizable thing, which is recognized trustworthy by a big number of users. And when the user gets this letter, he/she will not even think that this is a phishing1. The possibility that a person will follow the link or open the document attached to this email is very high.

Fake Kaspersky email

The hysteria element is escalated by the text of the Kaspersky email virus message (read it below). Claims about the infected emails turns the users into panic, because it is hard to remember if you opened the files on your email. All details, as fraudsters say in the letter, are posted by the link they attached to the letter. The text may vary depending on the decision of scammers. Every little thing looks legitimate, so the victim will likely check the link. And the phishing occurs right on that web page.

Title: SECURITY ALERT !!!

Dear *username*

Our automatic daily scan, detected some malicious files in your mailbox.
You are adviced to run a full scan now to prevent damage to your files and system.

SCAN NOW (button with a hyperlink)

Kaspersky is an independent software technical support service provider for a large scale variety of third party products and brands and services. Any use of Trademarks, Brands, Products and Services is referential and kaspersky has no affiliation with any of these third-party companies unless such relationship is expressly specified. The services we may also be available on Owners website’s.

© 2021 AD Kaspersky Lab. All right reserved.

How dangerous the Kaspersky email virus is?

Regardless of the stimulus the user clicked the link/file, he will lose his email. This phishing is realized in a very simple method: the website by the link in email shows you the pseudo scan process, and then asks to approve the email by typing the password. They know the exact email address, because you landed on this page from your email. The website address is web-vb3[.]web[.]app. This page shows you a copy of the email message, but the “SCAN NOW” button activates the dialogue window, where you need to type your password. No complicated methods, like exploit kit usage – victims will do everything themselves.

Fake Kaspersky website

Here is a short description of Kaspersky email virus:
Name Kaspersky email virus
Type Email spam
Hazard type Phishing website
Malware source Malicious link
Disguise Notifications from Kaspersky
Protection methods
To remove possible virus infections, try to scan your PC

This scheme is used to spread spyware, banking trojans and keyloggers. All of them are targeted on your sensitive data, usually – on the important credentials. The second possible virus can be the most harmful one if you use online banking. It is targeted on stealing the logging keys on the web pages of the banks, so it can easily steal your login/password. So, the cyber burglars will be able to do whatever they intend with your money2. At the same time, spyware may miss your banking credentials, but will definitely thief all possible data about you and your PC. List of the installed apps, often-used utilities, security tool onboard, credentials for the social networks – this and a lot of other information will be gathered and sent to the control server.

Can I avoid this scam?

The things are not so hopeless for the Kaspersky email virus. It is quite easy to differentiate the counterfeited email. First, you need to reminisce if you have a Kaspersky email saving or deposit account. It can be very funny to spectate this kind of email spam when you don’t have one. However, some users can open the added file/link just because of the simple interest. People can do rash acts, and this is just such a case. Another element which can help you to see that someone tries to scam you is the sender’s email address. Official Kaspersky email address has a specific domain name, and the fraudsters will not be able to get an email address in this domain. Instead, spammers will likely register an email address like “noreply-support12961@gmail.com” or even “uasfbp02309@aol.com”. It is quite easy to distinguish the first one from the second and third, isn’t it?

 Kaspersky email email scam

The example of dubious email address on another online spamming campaign

The final defence level is an security tool. A big number of users have their email conversations in the separated program, called mail client. Some of these clients download the attached file at the moment when you check the email. In this case, you must have an antivirus tool which is capable of proactive protection. Last option makes it possible to block the malware launching when the situation is just like I have described in this paragraph. Same situation is with attached links: to discover that these links are malicious, the anti-malware solution must have an internet protection function. All of these functions are available in GridinSoft Anti-Malware, and I will recommend you to use it to protect your computer from Kaspersky email virus and similar hazards.

What can I do if I have clicked on the link/file in the spam message?

Don’t panic. The spyware activity is not a doom. Of course, the important data you have on your computer is definitely in danger, but the logins and passwords can easily be changed. First of all, you need to erase the viruses you have got through the Kaspersky email virus. I can offer you to make use of GridinSoft Anti-Malware to perform this step.

Removing the viruses with GridinSoft Anti-Malware

  • Download and install GridinSoft Anti-Malware. After the installation, you will be offered to perform the Standard Scan. Approve this action.
  • Gridinsoft Anti-Malware during the scan process

  • Standard scan checks the logical disk where the system files are stored, together with the files of programs you have already installed. The scan lasts up to 6 minutes.
  • GridinSoft Anti-Malware scan results

  • When the scan is over, you can choose the action for each detected virus. For all files of the viruses distributed through the described phishing the default option is “Delete”. Press “Apply” to finish the malware removal.
  • GridinSoft Anti-Malware - After Cleaning

Now, when the virus is removed, you need to remember which login credentials you inputted after clicking the spam message. Malware is not omnipotent, and is not able to steal the logins and passwords which were not in use. So, keep calm and change the login details that are about to be compromised.

Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

References

  1. About phishing methods and ways of counteraction.
  2. Detailed article about the banking trojans on Investopedia

About the author

Robert Bailey

Security Engineer. Interested in malware, reverse engineering, white ethical hacking. I like coding, travelling and bikes.

Leave a Reply

Sending

This site uses Akismet to reduce spam. Learn how your comment data is processed.