Malware spammed out as report for "tomorrow's meeting"

Filed Under: Featured, Malware, Spam

Meeting in calendar. Image from ShutterstockHave you received an email telling you not to forget to bring a report to a meeting being held tomorrow?

Be on your guard.

SophosLabs is intercepting a malware campaign that has been widely spammed out across the internet, using just such a disguise.

Attached to the emails, which have a subject line of "Don't forget about a meeting tomorrow" is a file called Report.zip, which harbours the malware.

Here's what a typical email looks like:

Malicious meeting email

Interestingly, the spelling of the email's message body can vary - presumably this was done in an attempt to avoid rudimentary email filters which might attempt to block messages.

Here are some of the variations we've seen:

Don't forget this report for meeting tomrorow.
See attached file.

Don't forget this report for meteing tmoorrow.
See attached file.

Don't forget this report for meeting toomrrow.
See attached file.

Don't forget this report for meeitng tomrorow.
See attached file.

Recipients might think the typos are the result of someone writing too quickly, or fumbling on their BlackBerry, rather than an attempt to bypass a company's email gateway protection.

The misspelling hasn't been enough to fool Sophos's products however, which correctly intercept the messages as spam and identifies the attached file as Troj/Invo-Zip.

Be on your guard against such tricks, and always think carefully before opening unsolicited email attachments.

Meeting in calendar image, courtesy of Shutterstock.

,

You might like

6 Responses to Malware spammed out as report for "tomorrow's meeting"

  1. Machin Shin · 752 days ago

    So this instantly makes me wonder. How many people actually get an e-mail like this and are stupid enough to go "Oh I have a meeting tomorrow? I best open this file from someone outside the company who somehow knows where I am supposed to be better than I do"

    Of course it might hit some people who actually have a meeting the next day, but still begs the question of why you would fall for this. First thing I look at on an e-mail is who it is from. I'm not about to just open a file from a random address.

    • Internaut · 750 days ago

      why are they "stupid"? Were you not as "stupid" at one time?

  2. Robert Gracie · 752 days ago

    Any spelling mistakes I always know its likely to be a scam common sense prevails you know

    • Guest · 751 days ago

      One might say the same about messages that use poor grammar and no punctuation.

  3. Trouble · 751 days ago

    I agree with Machine Shin, and I'm sorry but if you don't check the e-mail address it's from and open a .zip file you deserve to be infected. You'd have to be brainless to open that.

    • Internaut · 750 days ago

      What! You don't know how to remove a clot in the cerebral cortex - you idiot you!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.