Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« Fake Airline Ticket | Main | Today at the Ol' Phishing Hole... »

November 07, 2011

Phony Invoice Malware Delivery

Don't fall for the email message and attachment claiming to be an invoice from companies you don't work with. I saw a message today that wanted me to believe I had been invoiced by Kraft Foods:

From: Quincy MIMS Kraft Foods Corp.
Subject: Re: Corp. invoice from Kraft Foods Corp.


Attached the intercompany invoice for the period July 2011 til Aug. 2011.

Thanks a lot for supporting this process

Quincy MIMS
Kraft Foods Corp.

[file: Invoice_10_26_J84240.zip]

This is the same style of campaign that has been clogging the tubes for months now — including the ones that say they were generated from an internet-connected printer. I suspect the template for this message replaces things like the company name, person's name (which is capitalized in a form common in some European countries and elsewhere...but not in North America), and attached file name with strings from mail merge-type lists.

Of course, even if I did business with Kraft Foods and was in the Accounts Receivable Department of my own firm, I'd be just as wary of this message and its attachment until I could be satisfied (through study of the email headers and other contextual clues) that this was a legitimate email. It helps, too, that my local antivirus software recognized the attachment for the malware that it was.

Posted on November 07, 2011 at 07:41 AM