Malware-laden fake YesAsia invoices spammed out

Graham Cluley
Graham Cluley
@[email protected]

YesAsia Trojan is a popular online retailer that sells Asian and Western products. Think of a website like, but with a focus on selling movies, music, and electronics to customers in Asian countries.

Unfortunately, it seems that cybercriminals are trying to take advantage of YesAsia’s popularity by spamming out malicious emails posing as invoices.

Here’s an example, claiming that the recipient’s credit card has been charged for the purchase of a Logitech webcam and a Freecom external hard drive:

YesAsia malicious email. Click for a larger versionClick on the above image to see a larger version.

Sign up to our free newsletter.
Security news, advice, and tips.

Be wary if you receive one of these emails, as the links do not point to but to a ZIP file on instead. is not a real YesAsia website, and was registered by somebody just yesterday for the purposes of duping PC owners into installing the malware.

Domain registration for

The .ZIP file is detected by Sophos as Mal/BredoZp-B and the .EXE contained within is detected as the Troj/VB-FPL Trojan horse.

You should always be suspicious of unsolicited emails, and please remember to keep your anti-virus software up-to-date.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.