Fake Apple Store Invoices Deliver Malware
A massive spam campaign addresses recipients by their names, and identifies itself as a 'third reminder' to pay an invoice.
The invoice arrives as an attachment in a ZIP archive containing a file called Rechnung.scr, which Avira detects as TR/Rogue.957311 and TR/Kazy.169263.1.
While the researchers don't identify the Trojan's functionality, they note that the spam campaign is unique in that it addresses recipients using their full name, and the attached ZIP archive is also named using the recipient's full name.
It also refers to itself as "Dritte Mahnung," or "third reminder."
"Usually, after the third demand the companies send the unpaid invoices to a lawyer," notes Avira's Sorin Mustaca. "This is public knowledge in the German speaking countries."