Bogus “Statement of Fees” Spread Trojan

According to researchers at the security company 'Sophos,' they have found a widespread malware assault, which cyber criminals are spamming to Internet surfers worldwide through e-mails displaying the subject line "Statement of fees 2009/2010."

Typically, these e-mails state that a statement is attached detailing the fees as per the request, and a copy will be sent via post the same day. Since a different section will deal with the accommodation, the request has been passed to that division, the messages continue.

While such kinds of e-mails such aren't harmful, the actual attack is from the attached document.

Sophos states that the file embedded in the e-mails as an attachment is named Statement_of_Fees_2009-2010.zip. It carries a Trojan, which the security company identifies as Mal/Zbot-U. Mal/Zbot-U can monitor users' activities as well as enable an attacker to control a Windows computer remotely. According to Sophos, various variants of Mal/Zbot-U may carry out various malicious actions, but they typically intercept keystrokes.

Additionally, Sophos claims that the .zip file is also named Troj/Invo-Zip. This malware is part of .zip archives' group carrying malicious programs, and is frequently disseminated through bogus invoices and similar spam mails.

The "Statement of Fees" scam isn't new. During August 2008, the bogus messages arrived with the subject line "Statement of fees 2008/09." The attachment in the e-mails represented a malicious program, which Sophos recognized as Mal/EncPk-ES.

While remarking about the spam campaigns, the researchers stated that online crooks were trying all methods to infect the maximum number computers. Not only were they devising new techniques of attack, but were employing old tactics as well. Everything turned out effective when computer users didn't have the knowledge while clicking on all sorts of attachments and links that might or mightn't be legitimate.

Hence, it is advisable that users should remain cautious and avoid download abovementioned or other attachments containing malicious programs. Moreover, they should ensure that they can recognize the clues related to the tactics, hackers frequently employ. Finally, users should maintain their systems up-to-date with reliable security software.

Related article: Bugs Swell In Browsers in 2006

» SPAMfighter News - 6/23/2010