A fake LogMeIn-themed email has been hitting inboxes of users around the world, trying to trick them into believing that they have somehow paid nearly a thousand dollars for a service they didn’t want.
“Dear client, thank you for purchasing our yearly plan for LogMeIn Pro on 25 computers. Your credit card has been successfully charged,” the email says. The amount charged is supposedly $999, and “the transaction details can be found in the attached receipt.”
Unfortunately for those who panic, open the attached logmein_pro_receipt.doc file and enable MS Office macros (as instructed to view the file), this step triggers the download, installation and running of malware that is capable to download even more malware and join the infected computer to a botnet.
“Details such as the subject line and the supposed payment amount may vary in different versions of the message. Some variants may have a Microsoft Excel rather than a Microsoft Word attachment,” warns Hoax-Slayer.
“If you receive one of these emails, do not open any attachments or click any links that it contains. And, unless you have a specific reason for using macros, it is best to leave them disabled in Microsoft Office.”