Fake AV update notifications deliver malware
Posted on 22.11.2013
Spam emails impersonating a variety of antivirus vendors have been spotted targeting worried users around the globe, urging them to download and run an “important system update.”

“It's highly important to install this security update due to the new malware circulating over the net,” says in the email. “To complete the action please double click on the system patch KB923029 in the attachment. The installation will run in the silent mode. Please pay attention to this matter and inform us in case there is a problem.”

Unfortunately for those who fall for the trick, the ZIP email attachment actually carries a downloader Trojan that, after contacting a remote server, downloads a Zeus Trojan variant from it and installs it on the victims’ computer. It also creates a new registry key to make Zeus run every time the computer is restarted.

According to Symantec researchers, the spam campaign impersonates a slew of well-known AV companies such as AntiVir, Avast, AVG, Avira, Kaspersky Lab, Trend Micro, Symantec, and others, and offers “updates” for different AV solutions.

Users are advised not to click on links in or download attachments from unsolicited emails, and not to provide any personal information when replying an email. In this particular case, the spelling mistakes in the email point to it being a fake, but users should be wary of this type of emails even if they are written correctly.


DMARC: The time is right for email authentication

Posted on 23 January 2015.  |  The DMARC specification has emerged in the last couple years to pull together all the threads of email authentication technology under one roof—to standardize the method in which email is authenticated, and the manner in which reporting and policy enforcement is implemented.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Jan 26th