14 DAY TRIAL // Cybercriminals are using fake payroll reports apparently coming from Sage ([email protected]) to trick users into installing malware on their computers.
The emails carry the subject line “Payment Overdue – Please respond” and they read: “Please find attached payroll reports for the past months. Remit the new payment by 11/10/2013 as outlines under our payment agreement.”
The bogus notifications are signed with various names, including Bernice Swanson and Shelby Lloyd.
The files attached to the emails are not payroll reports but a piece of malware. In case you come across such emails, ignore them. They have nothing to do with Sage.
If you’ve already opened the attachment, regularly scan your device with an antivirus program. The threats attached to such emails might not be detected by antivirus solutions right away, but they’re usually identified after a few virus definition database updates.
Additional technical details on the malware and the spam campaign can be found on Dynamoo’s Blog and on ThreatTrack Security's Malicious Spam Alerts website.