The bogus notifications are designed to distribute malware
IT security firm Avast is warning customers of a malware distribution spam campaign that leverages the company’s name in an effort to increase its success rate.The emails are entitled “Your Order details and Additional information” and they purport to come from firstname.lastname@example.org.
The fake notifications replicate the legitimate messages sent out by Avast to those who purchase product licenses.
The difference is that the order number mentioned in the email doesn’t exist in Avast’s database. In addition, the attachment (avast-Antivirus-Order-Details.zip) is not actually a document, but a piece of malware detected as Win32:Malware[Gen].
Until Wednesday, when it published the alert, Avast observed over 12,500 malware samples.
If you come across such emails, delete them immediately. If you’ve already opened the attachment, scan your computer with an antivirus program to make sure it’s not infected.