If you are a Vodafone customer, be wary of emails seemingly sent by the service notifying you of a picture message you have allegedly received (click on the screenshot to enlarge it):
This particular variant of the email targets the company’s UK customers, but identical emails with only the sender’s email address and the fake mobile phone number changed in order to trick German users were spotted as well.
The email instructs recipients to save the attached file (Vodafone_MMS.zip) in order to save the sent picture.
The archive file contains an executable posing as an image file – Vodafone_MMS.jpg.exe, and H Security rightly points out that users who chose not to have file extensions shown on their computers are in danger of falling for the trick and opening the file.
If they do, they will be saddled with a variant of the Andromeda downloader Trojan, and their computers will be open to further infection.
As always, users are advised never to download and open attachments from unsolicited emails.