Spam filters and email authentication exist for a reason - we more or less trust them to cipher through unwanted junk that could potentially harm us or our computers. But what happens when we are subject to malware from a legitimate email?
Proofpoint researchers recently found a banking trojan known as Chthonic that was sent through legitimate PayPal accounts either created or stolen by the hacker.
A message appears in your inbox claiming that $100 was wrongfully credited to your account, and the sender asks for it back. After clicking on the link, not only do you lose $100, but malware is then downloaded onto your computer through a JavaScript file named paypalTransactionDetails.jpeg.js.
'In a double whammy, the recipient here can fall for the social engineering and lose $100, click on the link and be infected with malware, or both," states Proofpoint's security advisory.
Clicking on the link will also download a new type of malware called "AZORult", a module which Proofpoint is investigating since it was discovered.
As always, it is important to remain cautious of unknown recipients asking for money over the internet, and to take extreme caution when clicking on links or opening attachments.