Bills, Bills, Bills 

Mar 29, 2007 03:00 AM

Technologies come and go, but social engineering remains the most popular technique used to propagate malware. This tried and trusted method has been around since the Loveletter days, and malware authors don't seem to be giving up on it just yet. This year we've seen Trojan.Peacomm in a number of guises – from videos of current news stories to postcards from loved ones. However, the one "disguise" that we see most consistently is in the form of the humble invoice.

Recently, we've seen a spate of malware circulating (in Germany in particular), masquerading as various invoices. The year started with a spam run of Trojan.Schoeberl.E purporting to be a bill from German ISP 1&1. Since then, we've seen malware disguised as bills from a variety of firms such as eBay and IKEA, as well as an Internet dating site. Typically the emails contain an attachment with a variation of the name rechnung.pdf.exe ("rechnung" is the German word for bill or invoice). The attachment is usually a downloader of some description, which subsequently downloads further malware.

However, most recently we've seen these attachments being replaced with malicious links, most likely to evade email filters. This was the case with an email seen on March 19, 2007, which was supposedly an invoice for an Apple iPod purchased from the Apple store. Users who clicked on the links contained within the email were prompted to download a file called syme.exe, which is a copy of W32.Spybot.Worm. This time around it wasn't just the German public who was targeted – copies of this email have been seen in English as well as German.

There are a number of measures users can take to avoid being victims of social engineering. If you know that you haven't placed an order with the organization concerned, then you should instantly be suspicious. Check the Web site of that organization – they will often issue warnings regarding false emails that are circulating. Also, be wary of emails that begin with "Dear Customer" – legitimate emails will generally contain your name. Finally, if, like me, you have a habit of ignoring bills, then you have nothing to worry about!
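The three tell-tales described above (a decoy extension in front of an executable one, as in rechnung.pdf.exe; a link that downloads an executable, as with syme.exe; and a "Dear Customer" opening) can be checked mechanically at the mail gateway. The following is an added example, not part of the original post: the extension lists, function names and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from urllib.parse import urlparse

# Assumed extension lists for illustration; tune them to your own mail policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}
DECOY_EXTS = {".pdf", ".doc", ".xls", ".txt", ".jpg"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
GREETING_RE = re.compile(r"\s*dear customer\b", re.I)

def extensions(name):
    """Return every dot-suffix of a file name, lower-cased, in order."""
    parts = name.lower().strip().rstrip(".").split(".")
    return ["." + p.strip() for p in parts[1:]]

def inspect_message(raw):
    """Return a list of findings for one raw RFC 822 message string."""
    findings = []
    for part in message_from_string(raw).walk():
        filename = part.get_filename()
        if filename:
            exts = extensions(filename)
            if exts and exts[-1] in EXECUTABLE_EXTS:
                decoy = len(exts) > 1 and exts[-2] in DECOY_EXTS
                kind = "double-extension" if decoy else "executable"
                findings.append(f"{kind} attachment: {filename}")
        elif part.get_content_type() == "text/plain":
            charset = part.get_content_charset() or "utf-8"
            body = part.get_payload(decode=True).decode(charset, "replace")
            if GREETING_RE.match(body):  # only a greeting that opens the body
                findings.append("generic greeting")
            for url in URL_RE.findall(body):
                url = url.rstrip(".,;)")  # drop trailing sentence punctuation
                if any(urlparse(url).path.lower().endswith(e) for e in EXECUTABLE_EXTS):
                    findings.append(f"link to executable: {url}")
    return findings

def build_sample(body, attachment=None):
    """Build a constructed test message (not a real captured email)."""
    msg = EmailMessage()
    msg["Subject"] = "Invoice"
    msg.set_content(body)
    if attachment:
        msg.add_attachment(b"constructed placeholder", maintype="application",
                           subtype="octet-stream", filename=attachment)
    return msg.as_string()

if __name__ == "__main__":
    print(inspect_message(build_sample("Dear Customer,\nSee attached.\n", "rechnung.pdf.exe")))
```

A message that trips more than one check, such as a generic greeting combined with a double-extension attachment, is a stronger candidate for quarantine than any single finding on its own.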
