This one purports to come from IKEA, apparently I ordered something for £122.60 which will be delivered tomorrow. I didn't order anything, of course, and neither did the other people who will be getting the same (or a similar) email. So, obviously, I want to look at the enclosed DOC file, "IKEA receipt 607656390.doc". The SHA-266 for this file is
and at least 20 people have received this file, uploaded it to VirusTotal and given their opinion that it's malware.
I haven't analysed the file, because I don't run a virus lab; I don't have an isolated computer on which I can run malware, happy that if the malware does something dreadful, I can just wipe and reload the computer. But A) it's a DOC file and B) the first DOC file virus (winword.concept) happened 20 years ago and Word macros can still do malicious things and C) I didn't order anything from IKEA and D) several products do flag it as malware.
Well, reading the enclosed file is what I'm supposed to do. Actually, I uploaded it to VirusTotal. 5 out of 55 products found a problem. 50 products didn't see any problem, so let's list the 50 products that failed.
Is the AV product that you use, in this list?
Are you a techie working for one of these companies? Because if you are, you must find this intensely embarrassing.
Are you a marketroid working for one of these companies? Because if you are, I'd love to hear your explanation for why this is happening.
Are you a shareholder in one of these companies? Because if you are, perhaps you need to ask pointed questions at the next shareholder meeting.