Malicious hackers are posing as DHL and social networking site Facebook in their latest attempts to infect computers with malware. Today we are seeing widespread spam campaigns being cannoned around the world, posing as messages from the companies.
However, files attached to the emails carry Trojan horses that can allow cybercriminals to commandeer your computer for their own purposes.
A typical email reads as follows:
The courier company was not able to deliver your parcel by your address.
Cause: Error in shipping address.
You may pickup the parcel at our post office personaly.
The shipping label is attached to this e-mail.
Print this label to get this package at our post office.
Please do not reply to this e-mail, it is an unmonitored mailbox!
You would have hoped that a genuine message from DHL would have at least seen a sniff of a spell-checker, wouldn’t you?
Nevertheless, if the above is enough to fool you, then you might be tempted to open the attached file – DHL_Label_73719.zip. That wouldn’t be a good idea though as it contains a Trojan horse, detected by Sophos as Troj/BredoZp-S.
And the bad guys aren’t only relying upon the disguise of a DHL delivery to infect your Windows computer. They are also exploiting the huge popularity of Facebook (350 million users and counting), by sending out messages claiming that the recipient’s Facebook password has been changed for security reasons.
The email reads as follows:
Hey <name> ,
Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.
Attached to the email is a file called Facebook_Password_48f29.zip, which is detected by Sophos as Troj/BredoZp-P.
Both Trojan horses are able to access the internet and communicate with a remote server via HTTP, opening a backdoor for hackers to gain control over your computer. Effectively, if your computer is infected it is now part of a botnet – meaning that hackers can use it for a number of nefarious purposes including stealing identity information, relaying spam or launching distributed denial-of-service attacks.
You should always be extremely suspicious of any unsolicited email which arrives out of the blue, encouraging you to open an attachment.
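For mail administrators, the check below shows how a gateway filter could flag messages like the two described above. It is an added example, not code from Sophos or the original article. The suffix patterns in the filename regex, the list of executable extensions and the sample member names are assumptions, since the article quotes only one filename per campaign and does not name the archive contents.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Lure names quoted in the article; the digit/hex suffix patterns are an assumed generalization.
LURE_NAMES = re.compile(r"^(DHL_Label_\d+|Facebook_Password_[0-9a-f]+)\.zip$", re.I)
# Assumed list of Windows-executable extensions; the article does not name the archive contents.
EXEC_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs")

def scan_message(raw: bytes) -> list[str]:
    """Return reasons to quarantine the message; an empty list means nothing matched."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if LURE_NAMES.match(name):
            findings.append(f"lure filename: {name}")
        if not name.lower().endswith(".zip"):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                members = zf.namelist()
        except zipfile.BadZipFile:
            findings.append(f"unreadable zip: {name}")
            continue
        for member in members:
            if member.lower().endswith(EXEC_EXT):
                findings.append(f"executable in zip: {name}/{member}")
    return findings

def build_sample(attachment_name: str, member_name: str) -> bytes:
    """Constructed test message: a zip holding a harmless placeholder file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"placeholder, not malware")
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("The shipping label is attached to this e-mail.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename=attachment_name)
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample("DHL_Label_73719.zip", "DHL_Label.exe")))
    print(scan_message(build_sample("holiday_photos.zip", "beach.jpg")))
```

A filename match alone is a weak signal because campaigns rotate names, so the archive-content check is the part that keeps working when the lure changes.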