Analysis by: Neil Pondo

In time for the upcoming tax season, Trend Micro spotted samples of spammed messages posing as Fidelity Investments, a well-known American financial institution.

The email, which is in a newsletter-format, contains the subject 'Your statement is ready for your review'. It informs receipients that his/her tax statement is attached and ready for review. The attachment, however, is a .ZIP file containing an executable file, which was found to be malicious. Trend Micro detects it as TSPY_ZBOT.TYR.

Users should watch out for such spam campaigns, specially that the tax season is near. Always double check the legitimacy of these messages and refrain from downloading the files attached. If found malicious, delete these from your inboxes.

 SPAM BLOCKING DATE / TIME: January 20, 2012 GMT-8
 TMASE INFO
  • ENGINE:6.8
  • PATTERN:8656