Sophos Cloud Optix
Have you received an email telling you not to forget to bring a report to a meeting being held tomorrow?
Be on your guard.
SophosLabs is intercepting a malware campaign that has been widely spammed out across the internet, using just such a disguise.
Attached to the emails, which have a subject line of “Don’t forget about a meeting tomorrow” is a file called Report.zip, which harbours the malware.
Here’s what a typical email looks like:
Interestingly, the spelling of the email’s message body can vary – presumably this was done in an attempt to avoid rudimentary email filters which might attempt to block messages.
Here are some of the variations we’ve seen:
Don't forget this report for meeting tomrorow.
See attached file.Don't forget this report for meteing tmoorrow.
See attached file.Don't forget this report for meeting toomrrow.
See attached file.Don't forget this report for meeitng tomrorow.
See attached file.
Recipients might think the typos are the result of someone writing too quickly, or fumbling on their BlackBerry, rather than an attempt to bypass a company’s email gateway protection.
The misspelling hasn’t been enough to fool Sophos’s products however, which correctly intercept the messages as spam and identifies the attached file as Troj/Invo-Zip.
Be on your guard against such tricks, and always think carefully before opening unsolicited email attachments.
Meeting in calendar image, courtesy of Shutterstock.
So this instantly makes me wonder. How many people actually get an e-mail like this and are stupid enough to go "Oh I have a meeting tomorrow? I best open this file from someone outside the company who somehow knows where I am supposed to be better than I do"
Of course it might hit some people who actually have a meeting the next day, but still begs the question of why you would fall for this. First thing I look at on an e-mail is who it is from. I'm not about to just open a file from a random address.
why are they “stupid”? Were you not as “stupid” at one time?
Any spelling mistakes I always know its likely to be a scam common sense prevails you know
One might say the same about messages that use poor grammar and no punctuation.
I agree with Machine Shin, and I'm sorry but if you don't check the e-mail address it's from and open a .zip file you deserve to be infected. You'd have to be brainless to open that.
What! You don’t know how to remove a clot in the cerebral cortex – you idiot you!