Email from Vodafone or Verizon about an over limit credit balance? Beware!

Email users around the world are being finding messages in their inbox today claiming to come from mobile phone operator Vodafone.

The emails, which have the subject line “Your credit balance is over its limit” and claim to come from no-reply@vodafone.co.uk, are not really from Vodafone at all and try to trick unsuspecting users into opening a dangerous attached file which poses as the “Vodafone Balance Checker Tool”.

Bogus email claiming to come from Vodafone

The body of the malicious emails reads as follows:

Dear Vodafone customer,
Your credit balance is over its limit. Please use the attached Vodafone Balance Checker Tool to review and analyze your payments.

Yours sincerely,
Vodafone Customer Services

Sophos detects the contents of the attached file (balancechecker.zip) as Mal/EncPk-LE.

There is a danger that unsuspecting mobile phone owners might fall for the trap, perhaps convinced by the use of Vodafone’s logo which is embedded in the email, and launch the file attachment, thus infecting their computers.

As always, it’s a good idea to treat unsolicited attachments sent to you out of the blue with suspicion. Defending your computers and email gateway with an up-to-date security product is a must if you want to stop hackers hijacking your computer, stealing your identity or tricking you into money-losing scams.

Update:

We are also seeing a version of this malicious spam campaign which uses the name of Verizon Wireless rather than Vodafone.

Bogus email claiming to come from Verizon Wireless

Dear Verizon Wireless customer,

Your credit balance is over its limit. Please use the attached Verizon Wireless Balance Checker Tool to review and analyze your payments.

Yours sincerely,
Verizon Wireless Customer Services

Sophos detects the attached malware proactively as Mal/Zbot-P.