If you get an email claiming your wire transfer has been rejected, think twice before clicking on any link in the message: chances are, it's a dangerous malware attack.
Security vendor Sophos said it has intercepted a recent wave of such emails that it said may have been spammed around the world.
"The emails all claim to be related to a rejected wire transfer. Although most savvy computer users would realize that unsolicited email is unlikely to be legitimate, there are some who might be vulnerable or merely curious enough to click on the HTML attachment, not realizing that it can cause problems for their PC," it said in a blog post.
Sophos said this was similar to the attack involving a fake Facebook photo tag notification - it also uses the Blackhole kit to exploit computers.
While the subject lines of the emails may vary, they are related to a supposed "Wire Transfer Confirmation," it said.
But the payload is an attached file, "Wire_AMBA01-Rejected.htm," which Sophos products detect as Troj/JSAgent-CK.
Clicking or opening the file may display a seemingly harmless message, "Please wait a moment. You will be forwarded..."
However, Sophos said the HTML code in the file will redirect the victim's computer to a hacked Russian website that hosts the Blackhole exploit kit.
"Within seconds your computer will most likely be infected by malware," it said.
Sophos advised computer users to keep their security up-to-date, including keeping antivirus software updated and installing the latest software patches. — TJD, GMA News
