Malware spammed out as report for “tomorrow’s meeting”


Meeting in calendar. Image from ShutterstockHave you received an email telling you not to forget to bring a report to a meeting being held tomorrow?

Be on your guard.

SophosLabs is intercepting a malware campaign that has been widely spammed out across the internet, using just such a disguise.

Attached to the emails, which have a subject line of “Don’t forget about a meeting tomorrow” is a file called, which harbours the malware.

Here’s what a typical email looks like:

Malicious meeting email

Interestingly, the spelling of the email’s message body can vary – presumably this was done in an attempt to avoid rudimentary email filters which might attempt to block messages.

Here are some of the variations we’ve seen:

Don't forget this report for meeting tomrorow.
See attached file.

Don't forget this report for meteing tmoorrow.
See attached file.

Don't forget this report for meeting toomrrow.
See attached file.

Don't forget this report for meeitng tomrorow.
See attached file.

Recipients might think the typos are the result of someone writing too quickly, or fumbling on their BlackBerry, rather than an attempt to bypass a company’s email gateway protection.

The misspelling hasn’t been enough to fool Sophos’s products however, which correctly intercept the messages as spam and identifies the attached file as Troj/Invo-Zip.

Be on your guard against such tricks, and always think carefully before opening unsolicited email attachments.

Meeting in calendar image, courtesy of Shutterstock.