Security researchers from Sophos have intercepted a currently spamvertised malware campaign, impersonating the Royal Mail office.
Spamvertised subjects include:
- Error in the delivery address No30173
- You should come to the Royal Mail office and receive a package
- Track your shipment No24127
- Cancellation of the package delivery
- Track your parcel No9782
- A package is available for reception
- Get your parcel No083
- Error in the delivery address No40046009
- Error in the delivery address No0633376
- Delivery Problem
- Royal Mail Delivery information
Dear customer.A courier did not deliver the package to your address.Reason: The package is too largeInformation about your package is attached to the letter.Read all information carefully and come to the "Royal Mail" office to receive your package.Thank you for your attention.Royal Mail Service.
In this campaign, cybercriminals are enticing end users into downloading and execution a malicious .ZIP attachment currently detected as Mal/BredoZp-B and Mal/EnckPK-AAT (MD5: 6bd53a62c768f7ce8663310ed404b89c).
Users are advised not to interact with suspicious emails, or spam emails in general.