A widespread spam campaign has been sent out around the world, attempting to trick internet users into infecting their computers with malware.
Emails, pretending to come from the customer service department of popular hotel booking website Booking.com, have been distributed.
Booking.com is, of course, a very popular website for people arranging accommodation – but even if you are not planning a trip, you might be vulnerable to being tricked into making bad decisions if you receive one of the emails. A bad decision which could end up with your computer being compromised, and your personal information being stolen.
At first glance you may think that the emails are blank, save for a subject line of “Booking Confirmation [random number]”:
But although there is no message body, there is a file attached called Booking_BEDDING-INCLUSIONS.zip:
Would you open the file?
Cybercriminals are certainly hoping that you will, as they’re banking on you being curious enough to check out the contents of the ZIP file – whcih contains contains malicious code posing as a PDF document: Booking_BEDDING-INCLUSIONS.pdf.exe.
Sophos has intercepted many instances of this malicious attack, which is still in progress, proactively identifying the malware as Mal/BredoZp-B.
Always be on your guard against unsolicited emails – even if they appear to come from legitimate organisations. It could be that the link you are about to click on, or the attached file you are about to open, is really a disguise for a malware attack.