Sophos is warning of a fake Groupon email carrying a Trojan instead of a group discount from a friend.
The email mimics the real online coupon company’s branding, but a clue that the message is not legitimate is a misspelling in the subject header: “Groupon dicount gifts.”
The fake offer opens with the line, “You’re going to love it. We are glad to inform you that one of your friends has found a great deal on Groupon.com! And even shared it with you!” It then explains that Groupon.com now has the capability to share discounted gifts in an attachment, where all of the details allegedly are located. Recipients have two days to act on the offer.
Clicking the attachment unleashes a variant of the Bredo malware that targets PCs running Windows.
Users are urged to keep their anti-malware software up to date to avoid infection.
“It’s easy for anyone to make a professional-looking email using the branding of a well-established website in their attempt to lure you into opening an attached file or clicking on a dangerous web link,” Sophos senior technology consultant Graham Cluley wrote.