Spammers bait users with "stolen nude photos", deliver malware
Posted on 25.06.2012
If you get an email saying that nude pictures of you and/or of your girlfriend have been leaked on the Internet, don't open the attachment.

The same goes for attachments in emails claiming that you have broken into the email account of the sender and that a criminal investigation in the matter is ongoing.

According to Sophos, a barrage of spammy emails sporting a variety of similar subject lines and containing similar claims has been hitting users' inboxes in the last few days, threatening with reporting, offering help on tracking down "the bastard who did it", or asking for an explanation - and all urging the user to check out the contents in the attached file.

Unfortunately for those who aren't able to resist their own curiosity or are easily swayed by empty threats, the attached file contains a Zeus/Zbot Trojan variant which, once run, will promptly be installed on the victims' computer and start logging confidential information and online credentials.

As many times before, users are advised to never download attachments contained in unsolicited emails, and to be especially wary of emails that evoke an immediate and strong emotional reaction - even when they seem to be coming from friends.


(IN)SECURE Magazine issue 45 released

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Mar 4th