Sophos has warned users of the Clagger.H Trojan. The Clagger.H is a password-stealing Trojan that claims to be from Paypal.


Sophos has warned users of the Clagger.H Trojan. The Clagger.H is a password-stealing Trojan that claims to be from Paypal.

The email comes with the subject: “Notification: Your Account Temporally Limited”.

The body of the email is:

“Dear PayPal customer!
As part of our security measures, we regularly screen activity in the PayPal system. We recently contacted you after noticing an issue on your account.We requested information from you for the following reason:

We recently received a report of credit card use associated with this account. As a precaution, we have limited access to your PayPal account in order to protect against future unauthorized transactions.You can check your transaction details in attachment.
Case ID Number: RR-0922-014

If, after reviewing your transaction information, you seek further clarification regarding your account access, please contact PayPal by visiting the Help Center and clicking “Contact Us”.
We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

Sincerely, PayPal Account Review Department
PayPal Email ID RR-0922″ [Source]

Graham Cluley, senior technology consultant at Sophos, said: “A simple spelling mistake in the subject line should alert innocent recipients that this isn’t a genuine message from PayPal. A real message from PayPal would never contain an attached executable file, and people should always think carefully before running unsolicited code on their computer.” [Source]

For more information on Clagger.H, Source.

 

 

 

 

Sharing is caring