Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Symantec Unveils New Spam Scam

According to security vendor Symantec, a new spam campaign circulating on Internet features as a credential-stealing Trojan. This Trojan is hidden in attachments with subject lines that sound safe, but could actually end up stealing user's personal information such as banking details, when clicked.

The security firm's advisory reveals that the Trojan.Zbot comes as a zip attachment in an unsolicited email that appears something like a birthday invitation, a resume or a collection of photos.

According to Samir Patil, a Security Researcher at Symantec, the size of attached file is 119KB and it frequently displays pseudo-random file names like "pricing.zip", "lance armstrong.zip", and "resume.zip", as reported by internetnews on August 16, 2010.

Further, Symantec officials disclosed that the Trojan has so far been found attached to emails with subject lines like "Resume & Coverletter Feedback", "First Birthday Invitation", "Employee Orientation" and "Your reservation is confirmed- Ref. 00338/058758".

Patil further said that the Trojan had been mainly designed to steal sensitive information such as banking details or online credentials, but it could be modified to collect any sort of information from the compromised machine, as reported by eSecurity Planet on August 16, 2010.

Commenting on the Trojan, security experts said that so far in 2010, the socially engineered flaw had become a norm rather than an exemption as hackers enhanced their infection success rate by creating a malware that used terminology and graphics found on popular social networking websites such as Twitter and Facebook.

The emergence of this approach has corresponded with more dangerous strains of malware, especially the two headed trojans that look for log-in credentials, banking information and users' passwords. Malware distributors are trying their best to ensure that internet users could be deceived, utilizing what appears like benign subject lines in unwanted emails to steal log-in credentials like banking information and passwords.

Hence, security experts at Symantec recommend users not to open any links with these subject lines and other suspicious emails that contain links or attachments. Symantec also advises users to install anti-virus and anti-spam solutions into their machines and keep them up to date to avoid the compromise of personal machines.

Related article: Sentence for American Contractor for Sabotaging Government Navy Computers

ยป SPAMfighter News - 8/21/2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page