Malware seen today – BT Digital File

A customer asked me about an email they received today, and I wanted to pass on a warning to anyone who receives anything like the following…

Subject: Important – BT Digital File

Dear Customer,

This email contains your BT Digital File. Please scan attached file and reply to this email.

To download your BT Digital File please follow the link below : <LINK REMOVED FOR SAFETY>

If you have any questions or forgotten your password, please visit the “Frequently Asked Questions” at bt.com or call the helpdesk on 0870 240 5356* between 8am and midnight.

Thank you for choosing BT Digital Vault.

Kind regards,

BT Digital Vault Team

*Calls charged up to 8 pence per minute on the BT network (minimum fee 5.5p). Mobile and other network costs may vary. See http://www.bt.com/pricing for details.

Please note that this is an automatically generated email for your information only. We are sorry, but we can not respond to a “Reply” to this address.

This electronic message contains information from British Telecommunications plc, which may be privileged or confidential. The information is intended for use only by the individual(s) or entity named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is strictly prohibited. If you have received this electronic message in error, please delete this email immediately.

Registered office: 81 Newgate Street London EC1A 7AJ Registered in England no: 1800000

The link in this email seems to be variable but will be designed to lull the user into a false sense of security. For example the one in my customer’s email was a school organisation, “woodingdeanptfa.org”

DO NOT CLICK ON THE LINK IN THIS EMAIL! DO NOT DOWNLOAD OR RUN ANY ATTACHMENTS THAT MAY BE INCLUDED WITH THE EMAIL!

Other subjects seen while researching this problem are:

  • We have received your secure message (from Santander)
  • Customer Account Correspondence (from Lloyds)
  • (AR01) Annual Return Received

As a general rule, never open attachments on emails that look like they may be generic, even if they are from people you know. Viruses and malware will spread through an infected users address book, making the recipients think that the mail has been sent to them by a trusted source. If in any doubt whether you should open an attachment, ask the sender whether they knowingly sent it. If you don’t know the sender, and the email is unsolicited, don’t open the attachment.

Posted in Uncategorized.

Leave a Reply

Your email address will not be published. Required fields are marked *