SophosLabs is currently intercepting a widespread malware attack, being spammed out to innocent internet users under the disguise of a mailbox deactivation notice.
The emails, which have a subject line of “your mailbox has been deactivated”, pretend to come from the recipient’s domain. For instance, if your email address was email@example.com the emails would pretend to be from firstname.lastname@example.org.
your mailbox has been deactivated
We are contacting you in regards to an unusual activity that was identified in your mailbox. As a result, your mailbox has been deactivated. To restore your mailbox, you are required to extract and run the attached mailbox utility.
Best regards, [domain name] technical support.
Attached to the emails is a zip file – utility.zip. Under no circumstances should you run the program contained inside the Zip…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.