Out of interest I decided to check the Appliances Online site and there was nothing on the main site. I then decided to check just in case they used social networking to let people know and eight hour ago they wrote a post to let their users know. This is quite good because the emails started appearing around that time. Personally I think businesses should put a notice prominently on their main page. It isn’t the company’s fault that someone decides to target them as part of some form of scam/malware attach, but not everyone will go the extra step to look for a link to a social networking site.
As a word of caution I noticed in the Facebook comment that Appliances Online were saying the emails weren't from them because they didn't use the return email address used in the faked email. In my opinion it is not a good idea that they have now published all the email addresses they do actually use. That could be used in future attacks to make the attacks look even more legitimate.
Of the three emails I received two originated from America and one came from China. None came from Australia. The source location of an email is another indicator which can be used to identify faked emails. Many of the antivirus programs used in Australia don't currently identify the attachment as malware so most people will not be protected against the malware and infection.
Thanks I too got it yesterday and I promptly removed it as it is an executable file.
ReplyDelete