Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev

Spamvertised Easter Greetings lead to malware

By Dancho Danchev | April 20, 2011, 6:46am PDT

Summary: Security researchers from McAfee are reporting on a currently ongoing event-based social engineering attack, aiming to trick users into clicking on a link found in a malicious email.

Security researchers from McAfee Labs are reporting on a currently ongoing event-based social engineering attack, aiming to trick users into clicking on a link found in a malicious email.

The spamvertised emails come using “Easter Greeting from Alex” subjects, and are using an animated image including a “Download Animated Greeting Here” body. Upon clicking on the link, the user is exposed to a password-stealing malware variant of PWS-ZBot.

With Easter only a few days away, cybercriminals are quickly adapting to the event-based social engineering potential presented by the holiday.

Users are advised to avoid interacting with suspicious links and email attachments found in email messages.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Malware Watch: 'Spam is sent from your FaceBook account'; Spamvertised malicious photos

Netcraft survey indicates slow adoption of Extended Validation SSL certificates

Topics

Security, Cyberthreats, Malware, Social Engineering, Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Full Bio
Disclosure
Contact

Vendor HotSpot

The 360° Conversation around Cloud Computing

TECH VISUALIZER brings the social conversation to life... powered by Brocade

Learn More »

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

Ask a Question Start a Discussion

Comments

Add Your Opinion

Join the conversation!

Follow via:: RSS; Email Alert

Just In

RE: Spamvertised Easter Greetings lead to malware

FAULKNE 13th Oct

Good day to confirm this comment I would appreciate T h e b e s t o f Z D N e t d e l i v e r e d your website very nice to everyone Yes, Oracle is the only one with shared-disk architecture, but that is there advantage. It means you can add or remove nodes and the database lives on. In a shared nothing architecture, if you lose a node, you lose the system. I'm sure Oracle appreciates EMC highlighting their advantage.I also desire to signal in your RSS feeds. Thank you as soon as once again and maintain up the great operate Awesome post! Thank you very much || thanks for nice content this is really benefit to me.

View in thread

Please Select
Please Select

0 Votes

+ -

Ah, the double standards...

SonofaSailor 20th Apr 2011

if this were an Apple product, say, the iPhone or iPad...

then, this would simply be a functional advantage of Mobile Me, but since it's Windows it has to be malware.

Reply
Flag

0 Votes

+ -

RE: Spamvertised Easter Greetings lead to malware

Synate.Deszeld 21st Apr 2011

apple itunes has a security issue as well so watch it as well. am unsure if its apple/mac itunes though. may be windows, not sure though. though would not mind trying an qpple/mac just ta see what its about. but i love my windows but apple/mac looks cool to.

Reply
Flag

0 Votes

+ -

RE: Spamvertised Easter Greetings lead to malware

MEJIAHA 30th Sep

Fantastic news about the new release.I positively enjoying each little bit of it and I have you b o o k m a r k e d to check out new stuff you weblog post.Im not sure i come to an agreement with you on every level, howevor it absolutely was a good posting, many thanks for taking the time to put up your ideas