14 DAY TRIAL // Malicious e-fax messages have often been used by cybercriminals in an effort to distribute malware. The latest such campaign identified by security experts relies on fake DuoFAX emails.
Sophos informs that the notifications are designed to appear as if they’ve been sent with the DuoFAX service. The emails are entitled “New incoming fax” and they appear to come from “[email protected].”
In reality, the notifications have nothing to do with DuoFAX.
When users open the file that’s attached to the emails, they’re actually unleashing a Trojan horse identified by Sophos as Troj/FakeAV-GNL.
Internet users, especially those who work in corporate environments, are advised to be on the lookout for such emails. These pieces of malware can pose a serious threat to a company, which is why it’s important to avoid opening suspicious messages.
For their part, organizations should instate policies and teach their staff how to identify such threats.