14 DAY TRIAL // Users are advised to be on the lookout for malicious emails that abuse the reputation of RingCentral, the company that provides cloud computing-based phone systems.
Cybercriminals are sending out emails that purport to come from RingCentral’s services.
The fake notifications carry the subject line “New Fax Message on 01/22/2013” (the date could vary), and they read something like this: “To view this message, please open the attachment. Thank you for using RingCentral.”
Conrad Longmore of Dynamoo’s Blog reveals that the file attached to these emails (fax.zip) hides a malicious executable that’s disguised as a harmless Word document.
The threat is actually a variant of Upatre, which downloads other pieces of malware onto infected systems.
At the time of writing, 31 of the 50 antivirus engines on VirusTotal detect the threat. However, it’s important that users refrain from opening attachments from suspicious emails since cybercriminals often renew the pieces of malware they’re trying to distribute.