Warning: Fake Groupon e-mails include malware

Cybercriminals are pushing fake Groupon discount e-mails in the hopes you'll think they are coming from a friend. The attached file is not what it claims to be. It's malware.

Warning: Fake Groupon e-mails have malware

Scammers are pushing out malware by leveraging the hype around the deal-of-the-day website Groupon. Usually with the subject "Groupon dicount gifts" the spam claims one of your friends has found a deal on the website, but really it just includes malware.

The e-mail says that your friend has sent you a discount code for the deal and urges you to open the attachment, which is usually called "Gift coupon.zip." Sophos, which first reported on this spam, detects the malware as Troj/Bredo-ABB and Mal/BredoZp-B.

Here's the e-mail's main body:

Hi there!
You're going to love it

We are glad to inform you that one of your friends has found a great deal on Groupon.com! And even shared it with you!

Yeah! Now Groupon.com gives an opportunity to share a discount gift with a friend!
Enjoy your discount gift in the attachement and share it with one of your friend as well.

All the details in the file attached. be in a hurry this weekend special is due in 2 days!

"As always, keep your anti-virus up-to-date and your wits about you," a Sophos spokesperson said in a statement. "It's easy for anyone to make a professional-looking email using the branding of a well-established website in their attempt to lure you into opening an attached file or clicking on a dangerous web link."

As a general word of caution, never blindly open attachments in e-mails. Also never forward e-mails, whether you think they are true or not. Spammers use e-mail chain letters to collect e-mail addresses for sending you junk mail as well as malware.

See also:

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All