Threat Alert: Trojan sent via email in a .zip file
We received this alert from Calyptix Security, and wanted to make sure everyone was aware of this new threat. The malicious program is coming through via email that look legitimate with an attached .zip file.
As always, use caution when opening attachments, even if they appear to be from somebody you know.
Here is a copy of the alert:
Calyptix Support has noticed a new and potentially dangerous Trojan that arrives via email with a .zip file attachment. Please alert your clients to the potential danger of opening this message or its attachment.
We’re working diligently to resolve this issue. We will continue to keep you posted on dangerous messages that may circumvent the AccessEnforcer and cause havoc in your client’s network.
Indicators of the email
- Email sender address and recipient address will appear the same. So the email will be sent to firstname.lastname@example.org and will also appear to be sent by email@example.com.
- The email will contain a zip file attachment. The file name will follow this format: “document[#].zip”. For example, the file names “document3.zip” or “document12.zip” are each possible.
- In Quarantine view, the email may display as sent from another country (the flag shown in most cases is not the US flag).