SophosLabs has intercepted a widespread malicious spam campaign that claims there was a powerful explosion at a nuclear power station outside London two days ago.
You don’t hear about it in the newspapers? Quelle surprise. According to the email, the government have stopped the media reporting about the incident and prevented anyone affected by it contacting the outside world.
According to the email, news of the incident has leaked out onto internet message boards and if you click on the attachment (called victims.zip) then you’ll be able to see images of the devastation left by the explosion and pictures of victims’ bodies.
Of course, this is all nonsense.
In fact, clicking on the attachment will not open any pictures of the supposed explosion but will instead run a Trojan horse detected by Sophos at Troj/Agent-HQE, which will drop itself as oembios.exe in the System directory on your…
Read more in my article on the Naked Security website.