Thank you from Google, and Facebook personal messages lead to malware


Take a look at a couple of email messages Sophos intercepted earlier today.

Firstly, the great guys at Google have been in touch. Their message, entitled “Thank you from Google!”, says that they have received my job application and are investigating whether they have the right position inside their company for me.

If I’ve forgotten the details of my job application (which I clearly have, as I can’t for the life of me remember applying for a job at the Googleplex) then they’ve handily attached it as

Thank you from Google!

And here’s a message from Facebook. They’ve dropped me a note as well – with the title “You have got a new message on Facebook!” – to say that I’ve received a personal message from an unnamed friend.

You have got a new message on Facebook!

Rather than visiting the Facebook site (which is such a pain, isn’t it?), Facebook have kindly attached the personal message to the email as a file called Facebook

Hopefully none of you would be foolish enough to click on the attachments, because they are – of course – malicious.

Sophos products detect the ZIP files in both cases as Troj/ZipMal-AM and their contents as the W32/AutoRun-BHX worm.

Always be suspicious of unsolicited email attachments, and ensure that your anti-virus protection is up-to-date. Malware campaigns can take different disguises and users must learn to be on their guard.

In fact, just as I finish writing this I see there’s another campaign spreading the same malware.

The subject line this time?

"Laura would like to be your friend on hi5!"