Emails apparently sent through Windsor Telecom’s Fax2Email service have been spotted landing in inboxes, informing recipients that they’ve received a fax message. In reality, the emails are being sent by cybercriminals as part of a malware distribution campaign.
The emails come from a spoofed address (firstname.lastname@example.org) and they carry the subject line “Fax Message on 08983092722 from.”
“FAX MESSAGEYou have received a fax on your fax number: 08983092722 from. The fax is attached to this email.PLEASE DO NOT REPLY BACK TO THIS MESSAGE,” the emails read.
The file that’s attached to them, FAX.MESSAGE.ZIP, contains an executable that’s actually a piece of malware, Dynamoo’s Blog reported.
At the time of writing, 16 of the 51 antivirus engines from VirusTotal detect the file as being malicious or suspicious.
If you’ve already opened the file, regularly scan your computer with an updated antivirus. If you’ve opened it from a work device (which is possible considering that it’s a fake fax email), notify your system administrator.