14 DAY TRIAL // Fake emails purporting to come from Skype Communications inform recipients that they’ve received a new message from the Skype voicemail service. In reality, the notifications are designed to distribute a piece of malware.
The emails carry the subject line “You received a new message from Skype voicemail service” and they read something like this: “This is an automated email, please don’t reply. Voice Message Notification. You received a new message from Skype voicemail service.”
They also contain the details of the alleged call, such as time and length. To make it more legitimate-looking, cybercriminals have also included a section in which they advise users to remember that Skype staff will never ask for their password via email.
The links from the bogus voicemail service notifications point to the genuine Skype website. However, according to MX Lab experts, the file that’s attached to them, Skype_Voice_Message-7776C24212.zip, hides a double extension .wav.exe file that’s actually a variant of the notorious ZeuS Trojan.
The threat is designed to steal sensitive information from infected systems, so if you come across these emails, be sure to delete them immediately. If you’re a victim of this attack, regularly scan your computer with an updated antivirus solution.