A malicious spam message, titled “FW: Scheduled Event Notification” serves as an alleged notice that whatever organization you’re working for is hoping to prepare for an upcoming fire safety test that 3/10 of employees fail.
To make sure you’re not a part of this month’s failing 30%, you’re advised to download the attached file, “Fire Safety Guidance.pdf.zip” before tomorrow (4/17/12):
Subject: FW: Scheduled Even Notification
From: Jessalyn Escuriex – Department of Human Resources (jessalynescuriexzmgh[at]mail.com)
It might be useful for you to know that we are participating in a joint event with Fire and Counter Terrorism Safety including 4 written tests on Friday.
Last month three in ten employees surveyed could not pass the Fire Safety test.
Each of you will find enclosed a Fire Safety Guidance and your role description. Please take a look at the enclosed materials before 17th of April.
Department of Human Resources
However, it is important that you do NOT download the attached file as it contains malware that Sophos identifies as Mal/BredoZp-B.
One thing I found particularly alarming about this malware is that according to VirusTotal scan results, only 10/41 antivirus programs were able to detect the infection. Surprisingly, popular antivirus software by highly-reputable companies like F-Secure, TrendMicro, Microsoft, McAfee, Avast & F-Secure were not among the 10 applications that sniffed the malware out.
Remember, it is never a good idea to download files from unsolicited emails – even if they appear genuine. Antivirus software is only one of many layers of protection and is never 100%. It is important that you exercise caution and always remain vigilant when sifting through your inbox to minimize your chances of downloading a malicious file attachment.
If you receive this email, feel free to delete it without downloading any files attached.
In the future, if you receive a suspicious email with a file attachment that you simply cannot resist downloading, I recommend that you at least scan the file before downloading it.
Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet, “Like” us on Facebook or add us to your circle on Google+.