Symantec Unveils New Spam Scam

According to security vendor Symantec, a new spam campaign circulating on Internet features as a credential-stealing Trojan. This Trojan is hidden in attachments with subject lines that sound safe, but could actually end up stealing user's personal information such as banking details, when clicked.

The security firm's advisory reveals that the Trojan.Zbot comes as a zip attachment in an unsolicited email that appears something like a birthday invitation, a resume or a collection of photos.

According to Samir Patil, a Security Researcher at Symantec, the size of attached file is 119KB and it frequently displays pseudo-random file names like "pricing.zip", "lance armstrong.zip", and "resume.zip", as reported by internetnews on August 16, 2010.

Further, Symantec officials disclosed that the Trojan has so far been found attached to emails with subject lines like "Resume & Coverletter Feedback", "First Birthday Invitation", "Employee Orientation" and "Your reservation is confirmed- Ref. 00338/058758".

Patil further said that the Trojan had been mainly designed to steal sensitive information such as banking details or online credentials, but it could be modified to collect any sort of information from the compromised machine, as reported by eSecurity Planet on August 16, 2010.

Commenting on the Trojan, security experts said that so far in 2010, the socially engineered flaw had become a norm rather than an exemption as hackers enhanced their infection success rate by creating a malware that used terminology and graphics found on popular social networking websites such as Twitter and Facebook.

The emergence of this approach has corresponded with more dangerous strains of malware, especially the two headed trojans that look for log-in credentials, banking information and users' passwords. Malware distributors are trying their best to ensure that internet users could be deceived, utilizing what appears like benign subject lines in unwanted emails to steal log-in credentials like banking information and passwords.

Hence, security experts at Symantec recommend users not to open any links with these subject lines and other suspicious emails that contain links or attachments. Symantec also advises users to install anti-virus and anti-spam solutions into their machines and keep them up to date to avoid the compromise of personal machines.

Related article: Sentence for American Contractor for Sabotaging Government Navy Computers

» SPAMfighter News - 8/21/2010