ZBOT Poses as Antivirus Update

 Analysis by: Ramon Miguel Romero

Cybercriminals take any path they can to get to your system. In this spammed message, they use the Trend Micro name and instruct users to update their anti-malware software using the security update attached to the email. The attachment is ZBOT malware.

Note that the names of other Internet security providers are also being used in this spam. In our research, spam of this kind makes up 14% of all the spammed messages we have encountered since November 21, 2013. It is possible that there are active spam botnets using this message to spread malware.

Security companies never reach out to customers with an attachment for a software update. Users should go directly to their security vendor's website for any updates to their software.

 SPAM BLOCKING DATE / TIME: November 22, 2013 GMT-8
 TMASE INFO
  • ENGINE:
  • PATTERN:20310