A Trojan horse has been detected in spam emails notifying recipients that they have been charged almost $500 to pay for a non-existent Apple iPod.
The Dowdec-A Trojan arrives in the messages claiming to be related to the purchase of an iPod. The emails claim that the music player is being shipped via FedEx and that a payment of $479.95 has been received from the recipient's e-gold account.
The malicious emails have the subject line 'Track your order'. The message body reads as follows:
Please read the following message carefully.
We notify that your order was approved and shipped to you via FedEx 2Day Service, track 792531968828.
The amount of $479.95 USD was recieved from your e-gold account.
The details of transaction and specification of chosen product we send you in self-extracting compressed-zip file.
Read it carefully to make sure that there's no mistakes in characteristics of chosen product.
We appreciate your choice!
According to the rules, refund must be based on your original method of payment. Any requests to refund using e-gold are not accepted, if the payment method was credit card.
IPod For Your, Yahoo Shopping.'
Security firm Sophos warned that a file called OrderInf.zip, which unpacks to OrderInfo.exe, is attached to the emails. Executing this file infects the user's computer with a Trojan that attempts to download further malicious code from the internet. The Trojan only works on Windows computers, and cannot infect Apple Macs.