Sophos: Spoof contracts from big name businesses target inquisitive email users
November 2008 by Sophos
Sophos is reminding email users not to let curiosity get the better of them following the discovery of a malicious spam campaign that involves a Trojan horse masquerading as official documents from well known brands such as Apple, FedEx, Google and Starbucks.
Relying on the inquisitiveness of unsuspecting recipients, the spam mails contain an attachment called ‘New_Contract.zip’. However, instead of containing any contractual information, the file is in fact a malicious Trojan, detected by Sophos as Troj/Invo-Zip.
"It is curiosity which the cybercriminals are depending on in order to infect your computer, and potentially steal information, resources and money from you - so don’t make it easy for them,” said Graham Cluley, senior technology consultant at Sophos. “Just delete these messages if you receive them.”
Sophos recommends that all computer users exercise caution when opening unsolicited emails, and ensure they are fully defending against attacks, including spam, phishing and malware.