Here we go again — another invoice spam run!
Apparently, invoice spam has recently gained popularity among spammers.
We’ve seen invoice spam runs related to UPS, FedEx, and of course, German-language Rechnung spam receipts. Now, this new invoice spam claims to come from Western Union, informing recipients that their credit card-issuing bank has halted the transaction by the demand of the “Federal Criminal Investigation Service”.
Below is a screenshot of the spam:
Recipients are instructed to contact Western Union and bring their ID card, credit card and invoice file. The sender (whose name is also bogus) then instructs the recipient that the invoice file is in the attached compressed file, and should be printed out.
Unfortunately, the compressed attachment does not contain an invoice, but rather a malicious executable file named MTCN08662112.EXE.
MTCN08662112.exe is detected by Trend Micro as TSPY_ZBOT.WC.
Spam emails related to this attack are now blocked by the Smart Protection Network.