Cybercriminals are spamming as many people as they can with a new e-mail that uses the same old trick to prey on ignorant corporate workers. The e-mail message's subject line says it all: "Don't forget about meeting tomorrow." The body of the e-mail pushes the receiver to open the attached file, a supposed report for tomorrow's supposed meeting that is really just malware.
Let's make this as simple as possible. There's no report for tomorrow's meeting. Hell, there's no meeting tomorrow. If your boss, manager, colleague, or whoever else wants to remind you about a meeting tomorrow, and to bring a report with you, they'll do it through the proper channels. Be wary of any e-mails that want you to blindly open a file.
While the title of the e-mail is always the same, the spelling of the e-mail's message body can vary. Sophos, which first reported on this malicious spam, believes this is being done to circumvent rudimentary e-mail filters. The security firm listed four variations we've seen:
Don't forget this report for meeting tomrorow.
Don't forget this report for meteing tmoorrow.
Don't forget this report for meeting toomrrow.
Don't forget this report for meeitng tomrorow.
Sophos detects the attached file as malware which it calls Troj/Invo-Zip. Here's the corresponding description:
Troj/Invo-Zip is a family of zip files that contain malware.
Members of Troj/Invo-Zip are usually sent in spam pretending to relate to an invoice or receipt, often one related to a UPS transaction or to tax.
As a general word of caution, don't open attachments without first making sure they are what they claim to be. The best form of security is a vigilant end user.
- Facebook account cancellation is malware, not Adobe Flash
- Malware charges users for free Android apps on Google Play
- Malware tricks Facebook users into exposing credit cards
- How to protect your Facebook account from stalkers
- Facebook virus or account hacked? Here's how to fix it.
- Facebook teaches users how to remove adware (video)