We all love McDonalds simply because it just never stop giving us promotions and free stuff. You can print the voucher for redemption via facebook, newspaper, or magazine. But did McDonalds ever give any free stuff via email? What would you react when you received an email from Mcdonalds inviting you to a free breakfast and require you to print out some invitation card attached to the email. Would you open the file and print that out? Below is a piece from Naked Security on this news.
I don’t know if you’re the sort of person who wakes up in the morning, and the first thing you long for is a McDonalds’ breakfast – but if you are, you might just be exactly what malware authors are looking for.
Researchers at SophosLabs have seen a malicious email that has been spammed out across the world in the last couple of days pretending to come from McDonalds.
The email claims that the fast-food giant is offering free breakfasts in each and every of their many thousands of restaurants around the globe. Chances are that there are many people who would love the prospect of munching on a McDonalds first thing in the morning.
Part of the email reads as follows:
McDonalds invites you to The Free Breakfast Day which will take place on 26 June, 2011, in every cafe of ours.
Free Day’s menu!
- Ranch Snack Wrap (Crispy)
- Chicken Selects Premium Breast Strips
- Premium Caesar Salad with Grilled Chicken
- Strawberry Triple Thick Shake
- McCafe Hot Chocolate
Print the invitation card attached to the letter and show it at the cash desk of any of our restaurants.
But beware! There is no such thing as a free
The attached file is, of course, malicious. Sophos detects the ZIP file asTroj/BredoZp-DV and the Invitation_Card.exe file contained within as theTroj/Bredo-HU Trojan horse.
In an attempt to fool computer users into believing the file is safe, the EXE file has a Word icon.
Don’t forget – you should always be suspicious of unsolicited attachments sent to you via email!
It is strange though McDonalds is not any bank or finance company around. However, the plan of infecting McDonalds users is to plant a Trojan into the user’s computer and then only start attacking when the user starts browsing banking websites and making transactions. In the 20th century, I can say 70% of the McDonalds perform internet banking and it is worth planting a Trojan into their computer.