Malware Spam: Paypal Security Warning

There is a new wave of emails pretending to come from Paypal having a ZIP archive attached.

The email claims that your Paypal account has been accessed by a third party and, in order to protect your account, the Paypal account has been locked. The user is invited to review the report attached to the email, a ZIP archive, containing a single executable file a naming scheme like account-<number>-report.exe.

There is no link inside the email, so everything is “easy to use”: the recipient of the mail needs just to extract the file and execute it.

Please don’t do that as the ZIP archive contains a malware detected by all Avira products as dropper DR/Delphi.Gen.

Sorin Mustaca
Manager International Software Development