A seaside hotel in Pembrokeshire, South West Wales, has become the unwilling participant in a widespread malware attack spammed around the world.
Computer users have received emails claiming to be a booking confirmation from the Atlantic Hotel in Tenby.
But the truth of the matter is that the emails don't come from the hotel at all, but are instead designed to trick curious recipients into opening the dangerous file attached.
Here is what a typical email sent out in the malware campaign looks like:
Subject: Fw: Atlantic Hotel
Dear,
Further to our telephone conversation, please find attached confirmation of your booking with us.
We would like to thank you for making this reservation and we look forward to greeting you at the Atlantic Hotel on the 20th March 2013.
Yours sincerely,
Duty Manager
Attached to the email is a file called "AtlanticHotel Booking Confirmation.zip", which contains a malicious Trojan horse.
Sophos products detect the attack as the Troj/Agent-AAQY Trojan horse, designed to hijack your Windows computer and give remote access to malicious hackers.
The Atlantic Hotel is clearly unimpressed with the malware campaign bringing its name into disrepute, and has put a note on the front page of its website:
Please Note
The Atlantic Hotel domain is currently being used to 'spoof' emails containing a 'trojan' attachment ending in the words booking confirmation.zip. We are aware of this and are trying to combat the situation, please delete any email with an attachment purporting to be from us. These emails originate somewhere other than on our server and so we have no control over them.
As always, the best defence is to keep your anti-virus defences updated and always think twice before opening unsolicited email attachments.
PS. For those thinking of nipping off to Tenby for a quick holiday here's a weather report. It's currently cloudy, with the prospect of rain showers later.
It's a bracing 4℃ (that's 39℉), so there's probably no need to pack any suntan lotion.
Follow @gcluley
![Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]](http://sophosnews.files.wordpress.com/2013/04/ellen-thumb.jpg?w=75&h=75&crop=1)
![Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]](http://sophosnews.files.wordpress.com/2013/03/cursors-thumb.jpg?w=75&h=75&crop=1)
Lol, a Uk resident would automatically twig this as false. Who in their right mind would want to visit Wales?:-)
^^^^^ Cheeky git. That's a typical English arrogant comment.
How do you know he's English?
That's a bit racist, just because we are going to stuff you in the rugby
Any more details on this virus. I have a pc infected with it. Our solution detects and removes it but the virus is continually self replicating and therefore just in a continuous detection and removal loop
Are you a Sophos customer? If so, please contact our support guys for assistance.
Also, you could try our free virus removal tool (even if you're not a customer): http://www.sophos.com/en-us/products/free-tools/v...
I've just received this one today, not opened it, just deleted.
Really Kevin. How very interesting, eh. everybody?
Come to Wales, home of the 6 Nations Champions 2013 ;-)