The email persuades the user to open the attached zip file to find out more information. Users that follow through and open the file infect their own system and become part of the threat.
The very legitimate looking email below is just one example of the scam. The email uses the actual Google logo downloaded directly from their website and easily hooks you into opening the attached file to find out more.
In this case, the downloader infected the system with a bot which immediately begins spewing thousands more of infected emails including fake e-cards from Hallmark, and invitations from social networks like Twitter and Hi5.
The Twitter email is also very well crafted to make the user believe they were invited by a friend and is legitimately from Twitter. The from address is spoofed to invitations @ twitter.com with a subject “Your friend invited you to Twitter!”. The body of the message begs the user to open the attached file – “To join or see who invited you check the attachment”. Using this clever social engineering tactic the scammers are able to peak interest in finding out who may have sent them the message. The user is tricked into opening the attachment and infecting their system.
As always, be very cautious opening any attachments and especially cautious when they are unexpected. When in doubt verify with the sender or do not open them.