I just noticed an increase of the occurrence of this malicious email in my OzEfilter log which I have reported before. Please take extra care.
The email contains the attachment FED655812.zip. In the zip file is the executable file FED655812.exe. It is obvious from the email it is from a made up email address.
The following is the start of the email content.
Attention! The wire sent to Vladimir Kirkorov, Moscow, Russia has been blocked by our security service.
Your credit card issuing bank has halted the transaction by the demand of the Federal Criminal Investigation Service (case No. 73491 since the recipient has been undergoing the international retrieval by the InterPol.
Most people delete these emails, but from our logs we can see that perhaps thousands get tricked.
Instead of deleting the email at the mail server as I normally do with OzEfilter, I allowed this email so I could check to see if this type of malware would be picked up by my anti-virus software. A scan of the file detected no malware and that is obviously not correct. The email attachment most probably does contain a malicious load. The file has been submitted to the online scanning service for verification mentioned in MyAnswers solution 1890.
To all clients and users of JustLocal please take care with any email received with attachments. For extra protection use OzEfilter and delete the email at the mail server safely away from your computer. Infected computers can cost hundreds of dollars to repair.
A few extra seconds when checking emails can save you a very costly repair expense.
- Kelvin Eldridge
Subscribe to:
Post Comments (Atom)
The online scanning service sent through the results showing the zip file containing the file FED655812.exe was malware.
ReplyDelete- Kelvin