An email worm called NetSky is sending out various kinds of malicious emails to the same address.
One case in point is a malicious email supposedly came from PayPal, then one from USA Hosting and one from Symantec, said researchers at Kaspersky Lab.
The fake notifications contain a line or two of text that reads something like “your bill is attached to this email” or “Your email account is expired. See details to activate it.” The message that apparently comes from Symantec warns recipients of a virus infection.
The file attached to these emails is a variant of the NetSky worm. Once it infects a computer, the threat searches all email addresses, and sends them a message containing a copy of itself, researchers said.
If email addresses that belong to an antivirus company end up found, the worm ignores it.
It’s worth noting the emails go out over longer periods. Kaspersky said the three notifications they received came over the course of a month.
Fortunately for users, these malicious messages are easy to identify because they look nothing like the legitimate emails sent out by PayPal, USA Hosting or Symantec. They don’t contain any logos and the fact they instruct users to open an attached archive file is highly suspicious.
If a user gets one of these emails, just delete it. If the user opens the attachment, scan he or she should scan the computer with an updated security solution, Kaspersky researchers said. It might also be wise to notify contacts about the emails that might go out from your device.