Zeus Spam Changes Tactics

McAfee Labs Messaging Security recently observed a new malicious spam campaign pushing password-stealing Trojans associated with the Zeus/Zbot family. This campaign leverages several notable social engineering techniques.

For admins and netizens familiar with contemporary email-borne threats, a message purporting an undeliverable DHL, FedEx, or USPS package triggers an immediate red flag. Though still prevalent, those themes have begun to run their course. This campaign changes themes to include “Puget Sound Energy Paperless Billing,” “Business Meeting Notes,” and, most recently, “King County Ecommerce Payments.”

 

While still employing familiar elements (for example, filenames of “$malware.pdf.exe” that rely on the default Windows configuration that hides extensions for known file types), these messages are representative of the modern approach to malware delivery: Target the recipient with emails designed to provoke curiosity.

McAfee Customers are protected against these threats from cloud to appliance, and gateway to end point. Remember folks: defense in depth.

Virus Information:

PWS-Zbot.gen.dx!5838BFF382CA