Fake Vodafone or Telstra MMS Email with Malware Attached
The Malicious Email Message
From: mms @vodafone.co.uk
Subject: You have received a new message
You have received a picture message from mobile number +447775226358
To save this picture, please save attached file.
The email messages appear as if it came from the following email addresses:
- mms @telstra.com.au
- mms @vodafone.com.au
These email messages were not sent from these email addresses, but were spoofed, in order to trick the recipients into believing the messages were sent from Vodafone or Telstra.
The attached Zip file,Vodafone_MMS-uk.zip, contains the file Vodafone_MMS-uk.jpeg.exe, which has been detected as the malwares: Troj/Agent-YXP and VirTool:Win32/Obfuscator.ACP; Backdoor.Win32.Androm.sed
If you look carefully at the file "Vodafone_MMS-uk.jpeg.exe", you will notice that it ends with ".jpeg.exe". This is another trick by the cybercriminals behind this malicious email, used to deceive the recipient into believing the attachment is a Jpeg photo. Jpeg photos end with the extension ".jpeg".
So, if your computer is not configured to view file extensions, you will think the malicious attachment is a photo.
This malicious file cannot infect your mobile devices; it will only infect computers running Microsoft Windows.
Never open any email attachments with the extension or file name ending with, ".EXE". Always be careful when opening email attachments.
Check the comment section below for additional information, share what you know or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search
Click here help maintain Online Threat Alerts (OTA).
Note: Some of the information in samples on this website may have been impersonated or spoofed.
Comments, Questions, Answers, or Reviews
To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews.
Write Your Comment, Question, Answer, or Review
NB: We will use your IP address to display your approximate location to other users.