Sophos is intercepting a large number of malicious emails that have been spammed out around the world, posing as a new settings files for internet users’ email systems. However, attached to the emails is a Trojan horse.
Each email is carefully disguised in an attempt to lure the recipient into believing they are genuine. For instance, they use the recipient’s email address in the subject line and pretend to come from the support team at the recipient’s email domain:
A typical malicious email reads as follows (I’m assuming the user’s email address is email@example.com below):
Subject: A new settings file for the firstname.lastname@example.org has just be released
Attached file: settings.zip
Dear use of the example.com mailing service!
We are informing you that because of the security upgrade of the mailing service your mailbox email@example.com settings were changed. In…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.