Danger lurks in private dick’s interesting photos

Have you received an email from someone claiming to be a private detective working on your behalf today? Well, don’t click on the attachment.

We’ve intercepted a malicious campaign that has been spammed out in the form of emails claiming to come from a private detective who has found some “interesting photos” proving “evidence of your suspicions”.

Of course, this is all a ruse to get you to open the attached file called DC07 (No Comments).zip

Inside the ZIP, however, you won’t find proof that your husband has been philandering but the Troj/Agent-JBR Trojan horse.

As you can see in the screenshot of the email above, this isn’t the most convincing confidence trick ever conceived with apparent evidence that the hackers failed to merge in the user’s name properly (“#TO_NAME” indeed!”), but who knows if they might get more competent in the future.

And it wouldn’t be surprising if…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.