The start of a new week has brought some minor variations to the contract malware I warned you about on Friday.
The malicious messages that are being spammed out are pretending to be changes to a contract – some related to business activities with well known firms like Johnson & Johnson, Starbucks or Google, and others pretending to be connected with a retirement plan.
Here are a couple of examples:
The dangerous files attached to these emails in the samples we’re seeing in our traps are called contract.zip or New_Contract.zip. Sophos intercepts them as Troj/Invo-Zip.
If you use other vendors’ products, make sure that they are properly updated and capable of stopping these threats.