Security researchers warn about new spam emails purporting to offer a free meal at McDonald's, but in reality contain malware.The rogue emails bear different subjects such as "
Your favourite dishes are given for free" or "
We invite everyone to the day of free food" and purport to come from @mcdonalds.com email addresses.
The message contained within is almost the same for all emails, but the free menu and type of meal differs.
For example, in a sample intercepted by Sophos, the spammers write "
McDonalds invites you to The Free Breakfast day which will take place on 27 June, 2011, in every cafe of ours."
However, BitDefender found a different variant where the spammers claim it's The Free Dinner Day. The menus listed in the two emails also differ, but both of them have the same final instruction:
"
Print the invitation card attached to the letter and show it at the cash desk of any of our restaurants. Every manager will gladly take your card and issue you a tasty dish of Free Day."
The file attachments are called Invitation_card_[number].zip and contain an executable file which installs a trojan dropper which downloads and installs other pieces of malware, including a backdoor, from third-party websites.
"
In an attempt to fool computer users into believing the file is safe, the EXE file has a Word icon. Don't forget - you should always be suspicious of unsolicited attachments sent to you via email,"
warns Graham Cluley, a senior technology consultant at Sophos.
"
Other senders for this campaign are assistance@mcdonalds.com, help@mcdonalds.com, helping@mcdonalds.com, manager@mcdonalds.com or support@mcdonalds.com. For instance, I got the mail from the information@mcdonalds.com, but you can get it from any of the above,"
notes BitDefender's Loredana Botezatu.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
