Alarm sounded over Peter Pan panto malware
Phishing scam dupes victims over panto ticket claims
Firms have been warned not to open an email claiming to contain tickets for a Peter Pan pantomime in Bournemouth.
The email is targeted at SMBs and purports to confirm a ticket order from a genuine company, BH Live.
However, the email does not come from the company and carries an attachment containing malware.
The email is titled "Confirmation of Order" and urges the recipient to click on an attachment to print their tickets, which have been charged at 145.
The attachment then tries to install malware on a target machine, including a cryptolocker as well as other malware designed to sniff out highly sensitive information such as usernames and passwords. The malware is thought to be almost undetectable by current anti-virus software.
According to research carried out by IT security firm ThreatExpert, the malware tries to contact servers in France and Belarus.
Derek Knight, who runs security blog My Online Security, said the emails have random order numbers in the subject and the zip malware file has the same number as the order number.
"All of these emails use social engineering tricks to persuade you to open the attachments that come with the email," he said.
"Be very careful when unzipping them and make sure you have 'show known file extensions' enabled. And then look carefully at the unzipped file. If it says .EXE then it is a problem and should not be run or opened," he added.
A statement issued on the website of the Bournemouth Pavilion said: "Emails have been sent to a number of recipients purporting to be from BH Live. Initial investigations suggest that emails did not originate from BH Live's systems or network. Please do not open any attachment or click any links. We will post updates via our website and social media. We apologise for any inconvenience."
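The two indicators described above (a zip attachment named with the same number as the order number in the subject, and an unzipped file ending in .EXE) can be checked without extracting anything. The following is an added example, not code from the article or from anyone quoted in it; the subject format, file names, extension lists and sample archive are constructed assumptions, and the check for an executable hidden behind a document-style extension goes slightly beyond what the article states.

```python
import io
import re
import zipfile
from pathlib import PurePosixPath

# Assumed lists for this example; extend for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".jpg", ".txt"}


def order_number(text):
    """Return the first run of 4+ digits in text, or None."""
    m = re.search(r"\d{4,}", text)
    return m.group(0) if m else None


def triage_zip(subject, zip_name, zip_bytes):
    """Read the archive listing only (no extraction) and report risky traits."""
    findings = []
    subj_no = order_number(subject)
    if subj_no and subj_no == order_number(zip_name):
        findings.append(f"zip name repeats subject order number {subj_no}")
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            suffixes = [s.lower() for s in PurePosixPath(info.filename).suffixes]
            if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
                continue
            findings.append(f"executable member: {info.filename}")
            if len(suffixes) > 1 and suffixes[-2] in DECOY_EXTS:
                findings.append(f"double extension: {info.filename}")
    return findings


def sample_zip():
    """Constructed sample: harmless bytes, names invented for the example."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("tickets_48213907.pdf.exe", b"not a real program")
        zf.writestr("readme.txt", b"hello")
    return buf.getvalue()


if __name__ == "__main__":
    for line in triage_zip("Confirmation of Order 48213907",
                           "order_48213907.zip", sample_zip()):
        print(line)
```
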
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.