ESET Ireland is warning Irish computer users to watch out for an email that pretends to come from Vodafone, but carries the Nemucod trojan.
ESET Ireland has come across another widely targeted malicious email. This one pretends to be a bill from Vodafone:
Clicking on the “Click here to view your bill” link downloads a ZIP file called “Vodafone bill.zip”
Tip: Turn off “Hide extensions for known file types” in your Windows File Explorer Options.
The code is heavily obfuscated, but once activated, it proceeds to download the Nemucod trojan, which is used for further downloading all kinds of malware, ranging from ransomware to backdoors and banking trojans.
Ireland has been one of the countries worst affected by Nemucod in the past, having a 50,42% detection rate in Ireland, while the world average was 15,82%.
A similar email campaign, but using BT as bait, instead of Vodafone was active in May 2017.
ESET Ireland urges caution when receiving emails like these and avoiding clicking on unverified links or opening attachments downloaded from them.
Vodafone also offers several online security tips on their website, which can help spot and prevent falling victim to cybercriminal activity.
by Urban Schrott and Ciaran McHale, ESET Ireland