Issue 176 - April, 2014 (2nd Edition) - Page 21
MALWARE - 'Confidential - ALL Employees Important Document'
Email purporting to be a confidential message from the recipient's employer claims that all employees must fill out and submit an important document contained in an attached file.
© Depositphotos.com/ leszekglasner
The email is not from any employer and the attachment does not contain a document, important or otherwise. The attached .zip file harbours a .scr file, that if opened, can install malware on the user's computer. If you receive one of these bogus emails, do not open any attachments or click any links that it contains.
Subject: Confidential - ALL Employees Important Document
Please find attached documentation I will need you to complete and send back to me as soon as you can if that’s okay.
Please do not hesitate to contact me if I can provide you with any further support or assistance.
This email, which some recipients may assume is from their employer, claims that important and confidential documents are contained in an attached file. The message claims that all employees must complete the attached documentation and send it back as soon as possible.
However, the message is not from an employee as implied and the attachment does not contain a document. Instead, the attached .zip file contains a .scr file, which, if opened, can install malware on the user's computer.
Typically, such malware can collect personal information from the compromised computer and connect to remote servers operated by cybercriminals. It may also download and install further malware components.
The malware email does not specifically name the supposed employer. The criminals responsible for the campaign know that at least a few recipients will likely just assume that the email is from their boss and proceed without due caution.
Such inattention may seem inexcusable in retrospect. However, if the person is tired, very busy, or inexperienced with the ways of email and computing, then they may well be vulnerable. After all, just a few seconds of inattention could see the user inadvertently installing the malware. Once installed, the malware will likely perform its heinous tasks silently in the background, so the victim may not initially realize that his or her computer has been compromised.
Criminals use many different methods of distributing malware. Some such attacks are quite sophisticated. Others, like this example, are simply executed but still gain new victims.
An almost identical scam campaign
took place in March 2013. Again, the attachment that came with the fake 'confidential document' contained malware.
Last updated: April 2, 2014
First published: April 2, 2014
Written by Brett M. Christensen
Pages in this issue:
- SCAM - 'Mermaid Found Inside Shark Video'
- HOAX - '15 foot Eastern Brown Snake Found Near Caloundra Golf Course'
- Facebook Limiting Posts Warning - 'This is a Test'
- SCAM -'R.I.P. Dwayne Johnson' - The Rock is NOT Dead
- NONSENSE - 'All Americans Microchipped by 2017'
- SCAM - 'Devil's Pool Fall Epic Selfie Video'
- Heartbleed Bug - Users Warned to Change All Passwords
- HOAX - 'Justin Bieber Admits To Being Bi-Sexual'
- PHISHING SCAM - 'Click to Read Vital Newsletter'
- RingCentral 'New Fax Message' Malware Email
- LIKE-FARMING SCAM - 'Wife Pregnant for 13 Months Needs Prayers'
- 'New Voicemail' Pharmacy Spam Email
- HOAX: '2 Suns In The Sky On April 21st - Star Meccyroid'
- Facebook Promotion, Lottery and Award Scams
- April Fools Joke - 'United States to Ban Raw Meat Sales'
- iTunes Purchase Receipt Phishing Scam
- Dwayne Johnson is NOT Dead
- Nails in Cheese Dog Park Warning Message
- Product Order Request Money Laundering Emails
- Capitec 'Routine Maintenance' Phishing Scam
- MALWARE - 'Confidential - ALL Employees Important Document'
- SCAM - 'Flight MH370 Found in Indian Ocean Shocking Video'
- Lamborghini Giveaway Facebook Like-Farming Scam
- Barclays 'Detected Irregular Activity' Phishing Scam
- MALWARE - 'Traffic Accident With Your Car' Email
- HOAX - 'British Scientists Clone Dinosaur'
- Facebook Sick Child Hoax - 'Help Boy with Massive Tumour by Liking, Sharing and Commenting'