Thank you from Google, and Facebook personal messages lead to malware

Filed Under: Facebook, Google, Malware, Social networks, Spam

Take a look at a couple of email messages Sophos intercepted earlier today.

Firstly, the great guys at Google have been in touch. Their message, entitled "Thank you from Google!", says that they have received my job application and are investigating whether they have the right position inside their company for me.

If I've forgotten the details of my job application (which I clearly have, as I can't for the life of me remember applying for a job at the Googleplex) then they've handily attached it as

Thank you from Google!

And here's a message from Facebook. They've dropped me a note as well - with the title "You have got a new message on Facebook!" - to say that I've received a personal message from an unnamed friend.

You have got a new message on Facebook!

Rather than visiting the Facebook site (which is such a pain, isn't it?), Facebook have kindly attached the personal message to the email as a file called Facebook

Hopefully none of you would be foolish enough to click on the attachments, because they are - of course - malicious.

Sophos products detect the ZIP files in both cases as Troj/ZipMal-AM and their contents as the W32/AutoRun-BHX worm.

Always be suspicious of unsolicited email attachments, and ensure that your anti-virus protection is up-to-date. Malware campaigns can take different disguises and users must learn to be on their guard.

In fact, just as I finish writing this I see there's another campaign spreading the same malware.

The subject line this time?

"Laura would like to be your friend on hi5!"

, , , ,

You might like

3 Responses to Thank you from Google, and Facebook personal messages lead to malware

  1. John · 1679 days ago

    So it's pretty unlikely that you'd receive a job offer from a company to which you personally hadn't applied, but not impossible. Many recruitment companies seem to operate by shooting out resumes to as many employers as possible. If you've mentioned that you've done some work with SQL, you'll be "matched" with anyone who uses SQL and has job vacanices in your field/pay grade/experience level. In IT, that's just about every company out there, even if SQL isn't your best knowledge or the employers' main requirement. You could get an automatic reply from the company which the recruiters send your resume to, since they don't always remove all your personal info.

    Then what do you do, if you're looking for work. Especially if you're a contractor who does short contracts and so are "looking" a lot of the time. Ignore the email, or take a look just in case.

  2. Anonymous Coward · 1678 days ago

    Always look at the mail headers when in doubt. Though they probably could be forged, but I've yet to find anyone that's taken the time to try because most non-IT people don't even know they're there (and you'd be surprised at how many IT I've run across that don't know either).

  3. Mark Dallner · 1678 days ago

    I have the my personal email account filtered through GMail and have abandoned all social networks excepted LinkedIn. Solves most of my problems although the spam filter at GMail seems to have gotten a few holes lately. CMD-OPT T in Apple Mail solves those problem emails. My Facebook account was hacked as I was logged in and I watched as fraudulent messages where sent from my Facebook account. I shut down the account and have not looked back.

    I have a paid version of Sophos for Mac running on my MacBook Pro.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley