Have you received an email out of the blue with no message body, but with a file called
<random number>_inv.html
attached?
Well, be on your guard – as you could be in the firing line for a new malware attack that has been widely spammed out around the world.
Here is just a small snapshot of the different subject lines we’ve intercepted at our global network of spam traps:
If you make the mistake of opening the attached HTML file your computer will be redirected to a fake anti-virus attack on a third party site. That means that you will begin to see bogus security warnings trying to trick you into handing over your credit card details, or to download further dangerous software to your computer.
Sophos’s products don’t have any problem intercepting the messages above as spam (and we’ll be detecting the attachment as Troj/JSRedir-CO shortly), as well as intercepting the webpage that the attack attempts to connect with and blocking the fake…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.