"Pictures" attached to messages hide malicious Trojans

Jun 25, 2012 14:22 GMT

Users are advised not to panic if they receive emails in which the sender accuses them of hacking into their email account and stealing private pictures and financial details. The same spam campaign also uses the old “I have pictures of your girlfriend” line.

Sophos experts have come across a number of versions. However, they all have the same goal: to spread malware identified as Mal/EncPk-NS and Troj/Zbot-CCH.

As always, the malicious elements are compressed in .zip files in an attempt to avoid being detected by antivirus applications.

The one thing these emails have in common is that they try to create a sense of urgency.

“I have a proof that you broke into my email and stole my private photos and financial information. It can be clearly seen in the files attached to this message. If you don't respond within 48 hours I will have to report you,” reads one variant.

Another one, addressed to potential female victims, reads, “Sorry to disturb you <name> Someone sent me thee pictures they seem to be from you and your boyfriend I'm really troubled by this why do you send your private photos around?? this is beyound my understanding. It's in attachment.”

The bottom line is that you should beware of emails that come with subjects such as “These pictures should be taken down immediately”, “You can't say I haven't warned you now enjoy the consequences”, “The police investigation is under way now,” or “The criminal investigation against you has started.”
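For mail administrators, the two traits described above (the quoted subject lines and a .zip attachment) can be turned into a simple triage check. The following is an added example, not code from Sophos or from this article; the function names, the "quarantine/review/pass" labels and the sample messages are assumptions made for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Subject lines quoted in the article, lower-cased for matching.
LURE_SUBJECTS = (
    "these pictures should be taken down immediately",
    "you can't say i haven't warned you now enjoy the consequences",
    "the police investigation is under way now",
    "the criminal investigation against you has started",
)
ZIP_TYPES = ("application/zip", "application/x-zip-compressed")

def _norm(text):
    # Unify curly apostrophes, lower-case and collapse whitespace.
    return " ".join((text or "").replace("\u2019", "'").lower().split())

def zip_attachments(msg):
    """Return names of attachments that are .zip by filename or MIME type."""
    names = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if name.lower().endswith(".zip") or part.get_content_type() in ZIP_TYPES:
            names.append(name or "<unnamed>")
    return names

def triage(raw_bytes):
    """Classify a raw message (assumed policy): both traits -> quarantine."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    subject = _norm(msg["Subject"])
    subject_hit = any(lure in subject for lure in LURE_SUBJECTS)
    zips = zip_attachments(msg)
    if subject_hit and zips:
        return "quarantine"
    return "review" if (subject_hit or zips) else "pass"

def sample(subject, attachment=None):
    """Build a constructed test message (not a real campaign sample)."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.com", "user@example.com"
    msg["Subject"] = subject
    msg.set_content("See attachment.")
    if attachment:
        # Placeholder bytes: an empty ZIP end-of-archive record, no payload.
        msg.add_attachment(b"PK\x05\x06" + b"\x00" * 18, maintype="application",
                           subtype="zip", filename=attachment)
    return msg.as_bytes()
```

Subject matching alone is easy for a sender to change, so the check treats a lone subject hit or a lone .zip attachment as "review" rather than a verdict.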

No matter how urgent it sounds, stop and think about it for a moment before rushing to open the attachment.

Also, if you’re the type that panics easily, make sure that antivirus software is installed on your computer, since in many cases it can keep you out of trouble.