The Trojan distributed in these notifications has been spotted in another recent spam run
Telstra customers are warned to be on the lookout for fake bills that come via email. Cybercriminals are leveraging such bogus notifications to trick users into installing a piece of malware.“Please find a PDF file of your latest bill attached. It’s due for payment by 13 Jan 13. We’ve noticed you have an overdue amount which should be paid immediately. Please check this latest bill for the details and contact us if you have any questions,” the emails read.
The attackers are most likely relying on the fact that such notifications would get users to immediately open the attachment.
According to Hoax Slayer, the files attached to these emails appear to be harmless PDFs but, in reality, they hide a piece of malware identified by Sopos as Troj/Invo-Zip.
This is the same Trojan that we’ve seen in the Europcar spam campaign that has been making the rounds recently.
Telstra customers are advised to act with caution when receiving suspicious notifications, especially since this isn’t the only spam campaign that’s currently targeting them.