Skip to content

Malicious spam campaign pretends to be from Sophos

Sophos is aware of a widespread malicious email campaign sent out with subject lines like this:

These emails claim to come from addresses such as:

Please note that this attack did not originate from Sophos, and there is no indication that we have been compromised in any way.

Unfortunately, the “From” address in an email is part of the email itself, just like the subject line or the message, so the email sender gets to choose whatever they want.

Cybercriminals often pick an official email address from a legitimate business that is somehow related to the subject line of their spam, or scam, or malware.

They do this in order to make their emails look more realistic at first sight.

As far as we can tell, most if not all of emails in this attack included malicious attachments with names such as:

These infected ZIPs contained JavaScript files that would almost certainly try to infect you with ransomware if you were to open them.

Here’s our advice:

If you come across suspicious emails or attachments from this or any other malware attack and would like to report them to Sophos, please see our instructions on How to submit samples to Sophos.

1 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!