I’ve received a few emails with a subject “Appliances Online - Receipt - Order 198662” or similar over the last few hours. The email includes an attachment which contains email and should be deleted immediately. These emails are not from Appliances Online and represents a very targeted malware attack most likely aimed to catch Appliances Online customers off guard.
Out of interest I decided to check the Appliances Online site and there was nothing on the main site. I then decided to check just in case they used social networking to let people know and eight hour ago they wrote a post to let their users know. This is quite good because the emails started appearing around that time. Personally I think businesses should put a notice prominently on their main page. It isn’t the company’s fault that someone decides to target them as part of some form of scam/malware attach, but not everyone will go the extra step to look for a link to a social networking site.
Out of interest I decided to check the Appliances Online site and there was nothing on the main site. I then decided to check just in case they used social networking to let people know and eight hour ago they wrote a post to let their users know. This is quite good because the emails started appearing around that time. Personally I think businesses should put a notice prominently on their main page. It isn’t the company’s fault that someone decides to target them as part of some form of scam/malware attach, but not everyone will go the extra step to look for a link to a social networking site.
I should also add I'm not an Appliances Online customer. I've never dealt with them and in fact never knew about them. To me this means this is a widely distributed email attack sent to anyone with some of the recipients being Appliances Online customers.
As a word of caution I noticed in the Facebook comment that Appliances Online were saying the emails weren't from them because they didn't use the return email address used in the faked email. In my opinion it is not a good idea that they have now published all the email addresses they do actually use. That could be used in future attacks to make the attacks look even more legitimate.
Of the three emails I received two originated from America and one came from China. None came from Australia. The source location of an email is another indicator which can be used to identify faked emails. Many of the antivirus programs used in Australia don't currently identify the attachment as malware so most people will not be protected against the malware and infection.
As a word of caution I noticed in the Facebook comment that Appliances Online were saying the emails weren't from them because they didn't use the return email address used in the faked email. In my opinion it is not a good idea that they have now published all the email addresses they do actually use. That could be used in future attacks to make the attacks look even more legitimate.
Of the three emails I received two originated from America and one came from China. None came from Australia. The source location of an email is another indicator which can be used to identify faked emails. Many of the antivirus programs used in Australia don't currently identify the attachment as malware so most people will not be protected against the malware and infection.
Kelvin Eldridge
Online Connections
Call 0415 910 703 for computer advice and support.
Thanks I too got it yesterday and I promptly removed it as it is an executable file.
ReplyDelete