Inter-company invoice emails carry malware

InvoicesHave you received an unexpected “inter-company invoice” from a company for the period January 2010 – December 2010?

If so, chances are that your computer is being targeted by cybercriminals who are using the disguise as a method to infect your computer with a Trojan horse.

Companies such as Beazer Homes, KPMG, Miltek, Kraft Foods, and Safeco are named in different incarnations of the malware campaign, that is designed to trick you into opening the attached ZIP file.

Even if you haven’t done business with the company referenced in the email, you might be tempted to open the attachment (which have names like,, and out of curiousity.

Inter-company invoice emails carry malware

Of course, the emails have not really been sent by the companies that are named in them, and the sender’s address has been forged.

Sophos products intercept the malware as the Troj/Agent-TBO Trojan horse, and the ZIP files themselves as Troj/Invo-Zip.

Remember, once malicious code has run on your computer, it’s up to an unknown hacker what happens next. They can open a backdoor onto your computer to steal information, display fake anti-virus alerts, or compromise your PC to make it part of a botnet.

The best defence is not to fall for such attacks in the first place, by keeping your anti-virus protection up-to-date and keeping your wits about you.