Sometimes, even simple tricks can be quite effective. In this case, criminals intent on distributing malware are using an email that claims to contain employee documents for internal use. The email contains some rudimentary information about the supposed employee documents and includes a link that downloads the document from where it is stored online.
Tired or busy office workers may think that the message is just one more internal email that they need to deal with and click the link without due forethought.
But, if they do click the link, a zip file will be automatically downloaded to their computer. The zip harbours a malicious .scr file that, if opened, can install malware on Windows based computers. Once installed, the malware may download other types of malware and log sensitive information such as account usernames and passwords from the infected computer. It can then relay this stolen information to online criminals and allow the criminals to access and control the infected computer.
Versions of this malware email have been hitting inboxes since late 2014. If you receive one, do not click any links or open any attachments that it contains.
Subject: Employee Documents – Internal Use
DOCUMENT NOTIFICATION, Powered by NetDocuments
DOCUMENT NAME: Employee Documents
DOCUMENT LINK: [Link removed]
Documents are encrypted in transit and store in a secure repository
This message may contain information that is privileged and confidential. If you received this transmission in error, please notify the sender by reply email and delete the message and any attachments.
Last updated: November 13, 2015
First published: November 13, 2015
By Brett M. Christensen