Airline company British Airways appears to be the supposed sender of a spam run Trend Micro has uncovered. The spam run attempts to lure users into opening a .ZIP attachment by posing as an approved travel itinerary. Unsuspecting users opening the attachment are actually opening malware. The malware in this spam run is found to be a ZeuS variant known as TSPY_ZBOT.LBL. ZeuS variants are known to steal information, particularly online banking credentials:
Trend Micro protects users from this spam run via its Smart Protection Network that detects and removes the ZeuS variant, and blocks the spammed message.