How a free breakfast day at McDonalds can lead to malware danger

How a free breakfast day at McDonalds can lead to malware danger

McDonaldsI don’t know if you’re the sort of person who wakes up in the morning, and the first thing you long for is a McDonalds’ breakfast – but if you are, you might just be exactly what malware authors are looking for.

Researchers at SophosLabs have seen a malicious email that has been spammed out across the world in the last couple of days pretending to come from McDonalds.

The email claims that the fast-food giant is offering free breakfasts in each and every of their many thousands of restaurants around the globe. Chances are that there are many people who would love the prospect of munching on a McDonalds first thing in the morning.

McDonalds malware email

Part of the email reads as follows:

McDonalds invites you to The Free Breakfast Day which will take place on 26 June, 2011, in every cafe of ours.

Free Day’s menu!
- Ranch Snack Wrap (Crispy)
- Chicken Selects Premium Breast Strips
- Premium Caesar Salad with Grilled Chicken
- Strawberry Triple Thick Shake
- McCafe Hot Chocolate

Print the invitation card attached to the letter and show it at the cash desk of any of our restaurants.

But beware! There is no such thing as a free lunch.. breakfast.

The attached file is, of course, malicious. Sophos detects the ZIP file as Troj/BredoZp-DV and the Invitation_Card.exe file contained within as the Troj/Bredo-HU Trojan horse.

In an attempt to fool computer users into believing the file is safe, the EXE file has a Word icon.

Don’t forget – you should always be suspicious of unsolicited attachments sent to you via email!