Fake virus warning from company IT department brings real malware

Emails purportedly coming from a company’s IT department has been spotted targeting users of various big companies and trying to make them download malware for the last few days.

The email contains a warning of an infection of the users’ computer and asks them to download an antivirus to clean it up:

“Although the link appears to the naked eye to point to a file called antivirus.exe on your company’s own server (for instance, if your company’s website was called example.com it would appear to link to www.example.com/download/antivirus.exe) it really directs your browser to a download on a third-party website,” explains Graham Cluley.

The offered “antivirus” is actually a Trojan. Hopefully, the poor spelling and sentence construction will alert many to the real nature of the email, but there are always those who might panic and immediately proceed to do as instructed.

So, do yourself, your colleagues and your company a favor by spreading the word. And if you’re a IT department worker, definitely consider sending an email to the other employees warning them of the matter.

Don't miss