Summary of payments malware attack spammed out

SophosLabs has intercepted a widespread malware attack that has been spammed out to email addresses around the world.

The emails, which have the subject line “Summary of payments” have a ZIP file attached to them which contains the Troj/Bredo-EB Trojan horse.

Summary of payments malicious email

The emails have the following characteristics:

Subject: Summary of payments
Attached file: 2010
Message body:

<recipient's first name>,

Attached are two files showing the amounts paid this past year.
The files are in Lotus 1-2-3 but I think you can open these in Excel or the Open office spread sheet.

This is working very nicely.

<sender's name>

Of course, the emails haven’t really been sent to you by the apparent “sender” – the cybercriminals have forged the from: address.

As always, you shouldn’t let curiousity get the better of you. Practise safe computing and always be suspicious of unsolicited attachments sent to you out of the blue.