14 DAY TRIAL // Last night, a fake AT&T “voicemail message” email landed in my inbox. ESET Mail Security immediately warned me that it contained a malicious attachment.
The emails appear to come from [email protected]. They’re entitled “AT&T – You have a new Voice Mail,” and they’re designed to look legitimate.
“You are receiving this message because we were unable to deliver it, voice message did not go through because the voicemail was unavailable at that moment,” the scam notification reads.
The file that’s attached to the emails, “VoiceMail.zip,” contains an executable that’s detected by ESET as Win32/TrojanDownloader.Waski.A. This is a Trojan downloader that transfers other pieces of malware onto the infected computer.
I am not an AT&T customer, so it’s likely that this isn’t a targeted campaign. The cybercriminals are sending the emails out to as many people as they can in hopes that at least some of them will fall for it.
If you come across such emails, act with caution. If a message has a ZIP file attached to it, it’s likely part of a cybercriminal campaign, no matter how legitimate it looks at first sight.