Thank you from Google, and Facebook personal messages lead to malware

Graham Cluley
@gcluley

Take a look at a couple of email messages Sophos intercepted earlier today.

Firstly, the great guys at Google have been in touch. Their message, entitled “Thank you from Google!”, says that they have received my job application and are investigating whether they have the right position inside their company for me.

If I’ve forgotten the details of my job application (which I clearly have, as I can’t for the life of me remember applying for a job at the Googleplex) then they’ve handily attached it as CV-20100120-112.zip.

And here’s a message from Facebook. They’ve dropped me a note as well – with the title “You have got a new message on Facebook!” – to say that I’ve received a personal message from an unnamed friend.

Rather than visiting the Facebook site (which is such a pain, isn’t it?), Facebook have kindly attached the personal message to the email as a file called Facebook message.zip.

Hopefully none of you would be foolish enough to click on the attachments, because they…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

One comment on “Thank you from Google, and Facebook personal messages lead to malware”

  1. Here is my experience. I received NO WARNING whatsoever about the breach of security, so when engineers claiming to be from TalkTalk rang out of the blue some months ago – with all my account details, address etc. – I gave them the access they were asking for to my computer. As a consequence I lost around £500. Now the phone calls have started again – sometimes as many as 8 a day – and the call barring system does not stop them. Obviously my personal details have been sold on to dozens – perhaps hundreds – of criminal gangs throughout Asia. TalkTalk will not apologise, admit liability or offer any resolution, other than offering to change my number. However, the police advise me that almost certainly this will not stop the problem and that I must change my ISP. However, TalkTalk now threaten me with hefty cancellation fees. Not only have they caused me financial loss and immense stress but they will fine me for taking police advice and switching to another ISP. You couldn't make it up.

Comments are closed.