Thank you from Google, and Facebook personal messages lead to malware

Graham Cluley

Take a look at a couple of email messages Sophos intercepted earlier today.

Firstly, the great guys at Google have been in touch. Their message, entitled “Thank you from Google!”, says that they have received my job application and are investigating whether they have the right position inside their company for me.

If I’ve forgotten the details of my job application (which I clearly have, as I can’t for the life of me remember applying for a job at the Googleplex) then they’ve handily attached it as

Thank you from Google!

And here’s a message from Facebook. They’ve dropped me a note as well – with the title “You have got a new message on Facebook!” – to say that I’ve received a personal message from an unnamed friend.

You have got a new message on Facebook!

Rather than visiting the Facebook site (which is such a pain, isn’t it?), Facebook have kindly attached the personal message to the email as a file called Facebook

Hopefully none of you would be foolish enough to click on the attachments, because they are – of course – malicious.

Sophos products detect the ZIP files in both cases as Troj/ZipMal-AM and their contents as the W32/AutoRun-BHX worm.

Always be suspicious of unsolicited email attachments, and ensure that your anti-virus protection is up-to-date. Malware campaigns can take different disguises and users must learn to be on their guard.

In fact, just as I finish writing this I see there’s another campaign spreading the same malware.

The subject line this time?

"Laura would like to be your friend on hi5!"

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Thank you from Google, and Facebook personal messages lead to malware”

  1. Graham Turner

    Here is my experience. I received NO WARNING whatsoever about the breach of security, so when engineers claiming to be from TalkTalk rang out of the blue some months ago – with all my account details, address etc. – I gave them the access they were asking for to my computer. As a consequence I lost around £500. Now the phone calls have started again – sometimes as many as 8 a day – and the call barring system does not stop them. Obviously my personal details have been sold on to dozens – perhaps hundreds – of criminal gangs throughout Asia. TalkTalk will not apologise, admit liability or offer any resolution, other than offering to change my number. However, the police advise me that almost certainly this will not stop the problem and that I must change my ISP. However, TalkTalk now threaten me with hefty cancellation fees. Not only have they caused me financial loss and immense stress but they will fine me for taking police advice and switching to another ISP. You couldn't make it up.
