There seems to be a huge increase in this recently, indeed I 'received' the Skype message this morning - I say 'received' because my ISP does a really good job of screening these out and puts them into a folder that I need to access via webmail - I just looked and there are 12 alone in the last 5 days - all with zipped Windows executables as the attachments
You have a Skype voicemail. PSYCHE! It's just some fiendish Trojan-flinging spam
A spam run of fake Skype voicemail alert emails actually comes packed with malware, a UK police agency warns. Action Fraud said the zip file attachments come contaminated with a variant of the notorious ZeuS banking Trojan. Messages typically come with the subject line “You received a new message from Skype voicemail service …
-
Thursday 28th November 2013 12:59 GMT Anonymous Coward
OK - i'm a f***ing idiot - I clicked on it (I do get real voicemails) then whilst distracted clicked again. 2 seconds later I realised what an idiot I was, pulled the cable out, came off networks etc. I ran Norton - found nothing....
Anyway key question - what to do next - any clues for idiots like me?
-
Thursday 28th November 2013 14:04 GMT N2
I clicked on it?
Really? Isnt that weve been trying to educate users to not do for about 20 years?
"I ran Norton - found nothing...." I wish I had a pound for every time Ive heard or read that.
I suggest you wise up to such 'social engineering' threats, or standby to see your bank account emptied.
-
-
Friday 29th November 2013 15:13 GMT Pascal Monett
invest in a proper Anti-virus package ?
Find me one that actually works and I'll buy.
In the mean time, the best anti-virus package is a skeptical brain that does not click on attachments willy-nilly without knowing where they come from, what they contain and how useful they are supposed to be.
Of course, that also means you don't open an attachment while thinking of something else.
Think of every attachment as a black alley at one in the morning : in other words, the risk of mugging is HIGH.
Be paranoid about what you accept on your system BEFORE accepting it. Once it's there, it's already too late.
-
-
-
Thursday 28th November 2013 13:49 GMT Bob Dunlop
Re: Why single this one out?
I suspect scenario goes.
Dump plod clicks on attachment and gets caught.
To cover his embarisment desides to make it the cause for alert.
The Skype message is so last week, looking at my filter output it's all DHL alerts this week, actually they have been running for some time.
Using mutt/spambogo here so I guess I'm well insulated.
-
-
Thursday 28th November 2013 13:54 GMT Jess--
a quick look at one of my honeypot accounts reveals the following variants all landing in the same honeypot within a short time of each other (suggesting the same source)
DHL Delivery Report - Delivery Status ID_{10 digit hex number}
DHL REPORT - DHL Report ID:{10 digit hex number}
HSBC Bank Plc - You Have (1) New Security Message
PayPal - Security measures against impairment of the safety information
Skype - Voice Message Notification
Skype Communications - You received a new message from Skype voicemail service
Skype Voice Message - New Voice Message
-
Thursday 28th November 2013 18:06 GMT JC_
I downloaded and extracted the zip just to see what was inside (super smart, I know...) and MS Security Essentials detected the trojan immediately.
The social engineering was pretty smart - lots of us use Skype and, as mentioned, it had a bunch of guff that looked believable and the links were all to the actual Skype domain. Stupidly that was all I checked, rather than the sender's email address which was clearly not from Skype.
-
Thursday 28th November 2013 19:38 GMT Number6
Voicemail?
It helps that I've never bothered to set up (and presumably pay for) Skype voicemail. This small fact didn't stop 68 (so far) voicemail notifications landing in my junk mail account, but at least I wasn't tempted in the slightest to open any of them. Having my own domain and using different email addresses for different organisations makes it really easy to filter the crap, most of it comes in to the wrong address and on the very faint chance that one manages to guess the correct one, the presence of all the other near-identical messages to other addresses surrounding it show it up as a fake.
-