Scammers are pushing out malware by leveraging the hype around the deal-of-the-day website Groupon. Usually with the subject "Groupon dicount gifts" the spam claims one of your friends has found a deal on the website, but really it just includes malware.
The e-mail says that your friend has sent you a discount code for the deal and urges you to open the attachment, which is usually called "Gift coupon.zip." Sophos, which first reported on this spam, detects the malware as Troj/Bredo-ABB and Mal/BredoZp-B.
Here's the e-mail's main body:
You're going to love it
We are glad to inform you that one of your friends has found a great deal on Groupon.com! And even shared it with you!
Yeah! Now Groupon.com gives an opportunity to share a discount gift with a friend!
Enjoy your discount gift in the attachement and share it with one of your friend as well.
All the details in the file attached. be in a hurry this weekend special is due in 2 days!
"As always, keep your anti-virus up-to-date and your wits about you," a Sophos spokesperson said in a statement. "It's easy for anyone to make a professional-looking email using the branding of a well-established website in their attempt to lure you into opening an attached file or clicking on a dangerous web link."
As a general word of caution, never blindly open attachments in e-mails. Also never forward e-mails, whether you think they are true or not. Spammers use e-mail chain letters to collect e-mail addresses for sending you junk mail as well as malware.
- Facebook account cancellation is malware, not Adobe Flash
- Malware charges users for free Android apps on Google Play
- Malware tricks Facebook users into exposing credit cards
- How to protect your Facebook account from stalkers
- Facebook virus or account hacked? Here's how to fix it.
- Facebook teaches users how to remove adware (video)