
CURRENT SECTION :: TechZone	UK's most visited IT Contractor Site - 250k unique visitors March 2008

Members
Subscribe to our news letter service to keep current with the latest news and information. Click here to join.

Site Navigation
Home News Contractor Alliance Free Stuff Company Formation Bulletin Board First Timers Trading Structures Legal : IR35 / IR591 Legal : S660 Tax/Legal Q&A Jobs Contract Search Urgent Contracts Overseas Guides Market Stats Money Insurance Training Directory Agency Directory TechZone Contact Us

Search
Advanced Search

News for you
RSS XML feed News feed for your site News feed information

News article sponsored by...

Maximising Contractors' Returns

Safe, effective solutions for contractors

Call now on 08702 880055

Trojan hides in IT-business contracts

Apart from a spam email claiming ‘clear up your IR35 status in a click’, it is debatable whether there could be a scam more targeted at IT-businesses contractors.

Aimed at the email accounts of PC users, a new “widespread” malware campaign is posing as B2B contracts from the likes of Google, Apple, Toyota and Procter & Gamble.

“We drew up the contract taking into account those paragraphs you’d wanted,” the mail authored by ‘Apple’ says, referring to a severance contract, said to be attached.

“Our legal experts made some recasts on the last page of the contract,” the familiar-sounding mail adds, and “if everything is ok we are prepared to pay for the first lot on Friday”.

Maintaining the same semi-official tone, the recipient is invited to click on the file, entitled ‘New_Contract.zip,’ in order that they can then reply to “Apple Manager John Ledbetter.”

Somewhat disappointingly for those expecting a payout from Apple, or any of the companies cited, the file contains no contractual details, just the malicious Trojan Invo-Zip.

“Even if you weren’t involved in any business dealings with the above companies you might still be curious enough to open the attachment to see what it contains,” reflected Graham Cluley, of Sophos.

“It is that curiosity which the cybercriminals are depending on in order to infect your computer, and potentially steal information, resources and money from you - so don’t make it easy for them.”

Other companies whose names are being hijacked by the malicious programmers include General Electric, Starbucks, Southwest Airlines and FedEx..

Rather than looking for signs the documents are official, or mailing the 'contact' to say a contract was wrongly sent, recipients were advised to simply delete the message from their account.

Dec 4, 2008

Email this article
Printer friendly page
Previous Page


All content © Contractor UK Limited	[Register for News Letter] \| [Privacy Statement] \| [Terms of Use] \| [Top of Page]