No, you’ve not received a postcard from a family member

Over the weekend there has been a new wave of attacks spammed out, spreading a version of the Bredo Trojan horse via malicious emails.

The emails claim to be an ecard from a family member, but opening the attachment can infect your computer with the Troj/Bredo-BS Trojan horse.

Malicious email pretending to be a postcard from a family member

A typical email has the following characteristics:

Subject: You've received a postcard
Attached file:
Message body:
Good day.

Your family member has sent you an ecard
If you wish to keep the ecard longer, you may save it on your computer or take a print.
To view your ecard, open zip attached file.

This is clearly an old tactic to trick people into infecting their computers, but the reason why it’s so familiar is that it really does work.

There’s clearly a danger that some people may return to their work email on Monday morning and, with still sleepy eyes after the weekend, open the attachment before their brain has been woken up by a strong sip of coffee.

Sophos detects the ZIP file as Troj/BredoZp-AC, and its contents as Troj/Bredo-BS.

Somehow the BS nomenclature seems particularly appropriate for this clearly bogus ecard from a family member.

Wave of malicious Bredo emails

Make sure your anti-virus software is up-to-date, and able to protect against these latest threats, which are still being distributed via spam right now, as you can see in the above snapshot of malware being detected in our traps.

Don’t forget you should always be cautious of opening unsolicited email attachments – criminal hackers will often use this technique to try to trick you into running malicious code on your computer.
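The characteristics listed above (the subject line plus a ZIP attachment) can be turned into a simple mail-triage check at a gateway or in a mailbox sweep. This is an added example, not Sophos's detection logic: the function names are hypothetical, and the sample message, addresses and attachment names are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

LURE_SUBJECT = "you've received a postcard"  # subject line quoted on this page


def zip_attachments(msg):
    """Return {attachment filename: [member names]} for every ZIP attachment."""
    found = {}
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        # Decide from the bytes, not the declared MIME type or file extension.
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            found[part.get_filename() or "(unnamed)"] = zf.namelist()
    return found


def triage(raw):
    """Classify one raw message as 'quarantine', 'review' or 'pass'."""
    msg = message_from_bytes(raw, policy=policy.default)
    # Normalise case, whitespace and curly apostrophes before comparing.
    subject = (msg["Subject"] or "").strip().lower().replace("\u2019", "'")
    zips = zip_attachments(msg)
    if subject == LURE_SUBJECT and zips:
        return "quarantine", zips   # matches both traits described above
    if zips:
        return "review", zips       # archive attachment, unrelated subject
    return "pass", zips


def build_sample(subject, with_zip):
    """Constructed test message; the archive holds only harmless text."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg.set_content("Your family member has sent you an ecard")
    if with_zip:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr("ecard.txt", "harmless placeholder")
        msg.add_attachment(buf.getvalue(), maintype="application",
                           subtype="octet-stream", filename="ecard.zip")
    return msg.as_bytes()
```

A subject match is only a triage hint, since the wording changes from wave to wave; the archive listing gives an analyst something concrete to review before release.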