People have been receiving emails containing lawsuit threats from nonexistent companies which claim that their email addresses are being bombarded with unsolicited messages.
Subject such as We will be impelled to sue you
, We are going to sue you, You are sending add messages
or A message from our security service
were discovered by Mxlabs
experts who claim that this is actually a Trojan spreading campaign launched toward unsuspecting internauts.
The email seems to come from ICI Investment <firstname.lastname@example.org>
which threatens the recipient that they will file a complaint because allegedly “Your email is sending spam
“We’ve attached a scanned copy of the document assembled by our security service to this letter. Please carefully read through the document and stop sending spam
messages,” warn the angry
The zip attachment that should contain the document actually contains a 45k executable file that was detected as being a Trojan.Downloader.JOPJ.
This particular virus
makes a copy of itself in the StartUp folder of the system, thus making sure it is run every time the computer is restarted. Like many Trojans, it connects to external URLs in the attempt of downloading other malicious files.
This is just another smart spam campaign designed to lure people into a trap and someone who receives such a message might be genuinely concerned about getting sued. I admit that even I would be tempted into believing that a potential infection on my device could be flooding other people's inbox.
So how can we tell that this is actually a scam?
Well, anyone with an up-to-date anti-virus application would be warned immediately that the .exe file from the archive is a virus. Another thing, that relies on common sense, is that you'd have to wonder about what kind of document would come as an executable file.
Any type of email notification should be regarded as a potential threat and, even if it looks real or as coming from someone you know, a good security software and a bit of logical thinking should keep you out of trouble.