Sophos Cloud Optix
SophosLabs has intercepted a malware attack, hitting many German internet users today, disguised as an email from Skype.
The email, which has the subject line “Wir haben Ihre Bestellung geliefert” (Translation: We have delivered your order”) has a ZIP file attached, which contains a Trojan horse.
The email claims that details of the order can be found in the attached file.
Here’s what a typical example of the email looks like:
Inside the ZIP file, however, is a program called Die Einzelheiten Ihres Eiknkaufs.pdf.exe, obviously designed to use the “double-extension trick” to hoodwink unsuspecting users into believing it is a PDF rather than an executable file.
Sophos products are being updated to detect the malware, which has been identified as the Troj/Agent-ABCT Trojan horse.
Of course, the emails do not really come from Skype – and you can’t feel anything but sympathy for the company which is having its brand tarnished in this way by cybercriminals.
All internet users must remember to always be suspicious of unsolicited emails, and to be wary of clicking on unknown attachments.
Scarab beetle image from Shutterstock.
Ich war verwundert über diese E-Mail und habe auch versucht den Anhang zu öffnen. Meine Norton AVPrigramm hat den Virus entdeckt und gelöscht..
I hope you can read german
Peter
Google Translate is telling me that you received an email like this, and Norton AV correctly intercepted the attachment as malicious.
Correct Graham. His Norton AV program discovered the virus and quarantined / deleted it prior to him being able to open the .pdf.exe file.
Thanks,
Sven
Nice to know you discovered it too Norton AV discovered it some ago