Vodafone customers warned of email malware virus scam



VODAFONE customers in Limerick are being warned of fake bills that are being emailed to accounts in a bid to spread a malware trojan virus.

The warning comes from ESET Ireland who are warning computer users to watch out for an email that pretends to come from the mobile phone carrier, but actually contains the Nemucod trojan.

It is understood that this latest spam is part of a widely targeted malicious email campaign.

Dear Customer,

You can now take a look and manage your latest Vodafone bill for invoice date 02/08/2017.

Your total bill for this month is £ 263.71

Don’t forget, your line rental is charged a month in advance and calls are charged in arrears

Click here to view your bill

However, clicking on the link downloads a ZIP file called “Vodafone bill.zip” which in turn contains a JavaScript file called “Vodafone bill.js”.

Because most Windows users have file extensions turned off by default, many fail to spot this is a JavaScript file, one of the very common vectors for the cybercriminals to deliver their malicious payloads.

Tip: Turn off “Hide extensions for known file types” in your Windows File Explorer Options.

If the code is activated, it proceeds to download the Nemucod trojan, which is used for further downloading all kinds of malware, ranging from ransomware to backdoors and banking trojans.

Nemucod has been heavily used in Ireland in the past and a similar email campaign, but using BT as bait instead of Vodafone, was active in May 2017.

Caution is urged when clicking on links within theses emails.

Vodafone also offers several online security tips on their website, which can help spot and prevent falling victim to cybercriminal activity.

See more news here