Our labs are seeing a stampede of emails claiming to come from Western Union’s support team, but are actually carrying a malicious payload in the form of a Trojan horse.
The emails, which pretend to have been sent from firstname.lastname@example.org, have subject lines such as
Western Union Transfer MTCN: 2048922446
(note that the number is randomly generated) and contain the following message:
The money transfer you have sent on the 1st of April wasn’t collected by the recipient.
According to the Western Union regulation the transfers which are not collected in 15 days are to be returned to sender. To collect cash you need to print the invoice attached to this email and visit the nearest Western Union branch
Attached to the spammed-out emails is a file called WesternUnion_SPL90710021.zip, which, unbeknownst to the unsuspecting recipient, contains a malicious Trojan horse called…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.