Message purporting to be from telecommunications company AT&T claims that a new voicemail could not be delivered to the recipient. The email includes an attached file that supposedly contains the voicemail.
The message is not from AT&T and the attached file does not contain a missed voicemail. Instead, the attachment harbours a malicious .exe file hidden within a .zip file. Opening the .exe file can install malware on the user’s computer.
Manage myAT&T Account
You have received a voicemail at 2013-19-12 35:31:25 CST.
You are receiving this message because we were unable to deliver it, voice message did not go through because the voicemail was unavailable at that moment.
* The reference number for this message is qvfl_cjl09-9107319601-2125579909-62.
The length of transmission was 24 seconds.
The receiving machine’s ID: YJH35-TW410-F37JZL.
AT&T Online Services
AT&T Support – quick & easy support is available 24/7.
According to this email, which claims to be from telecommunications giant AT&T, the recipient has a new voicemail. The message advises that the voicemail could not be delivered. The message includes an attached .zip file that supposedly contains a copy of the lost voicemail.
However, the message is not from AT&T and the attached file does not contain an undelivered voicemail as claimed. In fact, hidden inside the attached .zip file there is a malicious .exe file.
If opened, the .exe file can install malware on the user’s computer. Typically, such malware can harvest sensitive personal information from the infected computer and relay it to servers operated by online criminals. It may also allow the criminals to control the compromised computer from afar and download and install even more malware.
This attack is similar to another malware distribution that claims that WhatsApp users have a new voicemail waiting. Clicking the “Play” button in the bogus email will open a malicious website that harbours malware.