A fast breaking email pertaining to be from the American Express Fraud Department fraud@aexp.com has hit more than 135,000 plus inboxes with the intention of having the recipient download files containing malicious software.
The email scam with the subject “Statement of Accounts” first hit inboxes on Monday 7 October. As of midday, Wednesday 9 October MailGuard had stopped 135,039 emails from reaching client's email networks thanks to its triple layer anti-virus protection.
According to MailGuard security experts, the email once opened, contains disclaimer like information but little or no information about what to do with the attached ZIP file. When users open the ZIP file and run the executable within it, their computer is infected with a trojan. At present this trojan downloads and installs other malicious software.
Companies need to be wary of applying blanket white list policies to large financial institutions as online scammers will often use these domains - to execute their hoax. Large financial institutions will generally send emails in a way that passes most spam checks, and therefore even with stringent anti-virus protection in place, any legitimate emails should still get through to the recipient.
Fast breaking viruses are dangerous and can spread rapidly. Just after 10am AEST, independent industry aid Virus Total reported that the suspect attachment was only being detected by around 20 of the 48 major anti-virus providers.
MailGuard recommends to business and individual recipients of this email, and others like it, to not open it. Unexpected or unsolicited emails and their attachments, should never be opened. Financial organisations, like banks and the ATO, simply do not send these types of emails.
