14 DAY TRIAL // In case you come across an email entitled “Last Month Remit” that apparently comes from your own organization, don’t open the attachment, since it likely contains a piece of malware.
According to Dynamoo’s Blog, the emails read something like this:
“File Validity: 21/10/2013 Company : http://[victimdomain] File Format: Office - Excel Internal Name: Remit File Legal Copyright: Microsoft Corporation. All rights reserved. Original Filename: Last month remit file.xls
Confidentiality Notice This e-mail and any file(s) transmitted with it, is intended for the exclusive use by the person(s) mentioned above as recipient(s).”
The file attached to the bogus notification is called something like Remit_domain.tld.zip. The archive stores a file (Remit_10212013.exe) that appears to be a harmless Excel document. However, in reality, it’s a piece of malware that was initially detected by only a couple of antivirus solutions.
If you’ve already opened the file, update your antivirus and run a full system scan. In this case, it might be wise to repeat the scan after a few more updates of the virus definition database just to be safe.