Administrator 'Internal Only' Malware Email
This malware email, which claims to be from the 'Administrator', warns rather cryptically that the linked file is INTERNAL ONLY.
The message asks you to follow a link to read an Adobe Reader format file and specifies the legal copyright as belonging to the Adobe Corporation.
In an effort to make the message seem relevant to each recipient, the URL leading to the supposed file contains the domain used in the recipient's email address. For example, if you have an email address in the format firstname.lastname@example.org, the link in the malware email will be displayed as:
This simple trick ensures that at least a few recipients will believe that the email is an official notification from an administrator at their Internet service provider and click the link without due forethought.
In reality, the link displayed in the message is just for show. The real link hidden underneath opens a fraudulent website that has no connection to your service provider.
Clicking the link will download a .zip file that harbours a trojan. Once installed, this trojan may download more malware which may in turn collect personal information from the infected computer and allow criminals to control the computer for their own purposes.
If you receive one of these malware emails, do not click any links or open any attachments that it contains.
Subject: Internal ONLY
**********Important - Internal ONLY**********
File Validity: 10/04/2015
Company : [domain taken from email]
File Format: Adobe Reader
Legal Copyright: Adobe Corporation.
Please follow this link : [uses domain taken from email]internal/EncryptedMessage
********** Confidentiality Notice **********.
This e-mail and any file(s) transmitted with it, is intended for the exclusive use by the person(s) mentioned above as recipient(s). This e-mail may contain confidential information and/or information protected by intellectual property rights or other rights. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this e-mail is strictly prohibited and may be unlawful. If you have received this e-mail in error, please notify the sender and delete the original and any copies of this e-mail and any printouts immediately from your system and destroy all copies of it.
Last updated: September 22, 2015
First published: April 10, 2015
By Brett M. Christensen
Malware Threat Articles