Once again email users are being warned to be wary of unsolicited attachments arriving in their inboxes after online criminals spammed out a malware campaign designed to infect recipient’s computers.
The emails pose as unpaid invoices, using a wide range of senders’ names and reference numbers.
Here is an example:
Your invoice appears below. Please remit payment at your earliest convenience.
Thank you for your business – we appreciate it very much.
Attached to the emails is a zip file, Invoice_copy_[number].zip.
I have received scores of the emails at one of my personal accounts, all using different names for the sender and the bogus courier service. Of course, what’s happening here is that online criminals are trying to use social engineering to trick you into opening the attached file – in this case, pretending the file is an unpaid invoice and demanding that you pay as soon as possible.
The ZIP in itself cannot harm your computer, but its contents are dangerous.
In all likelihood, the aim of the code is to download further malware from the internet, and attempt to exploit vulnerabilities to hijack control of your computer.
But there’s nothing to fear if you have your wits about you, and are protected by up-to-date security software.
But even if you or your users weren’t able to stop the attempted attack at that stage, the good news is that Bitdefender’s anti-virus can intercept the malicious code – detecting it as JS:Trojan.Script.CRD – and prevent it from running.
A quick check on VirusTotal suggests that other anti-virus vendors are steadily adding identification of the malware to their products. As ever, whether you are using Bitdefender to protect your systems or not, keep your anti-virus defences updated.
You should always be on your guard about unsolicited emails, especially when they contain unexpected attachments or links. It’s far from a new technique to infect computers, but because it works so well – it’s not at all uncommon to see cybercriminals trying to trick unsuspecting users into the trap time and time again.