This particular spam email purportedly contains the confirmation code and the online reservation details needed for the users to confirm their flight reservation:
Once the kit exploits a vulnerability in Java, Flash Player or Adobe Reader, a downloader that ultimately connects to a C&C server and downloads and runs the GameOver Zeus variant is dropped into the machine.
Given that the exploits, downloaders and ZeuS modifications used by the cybercriminals in this attack have been detected mostly by Russian, US, Italian, German and Indian Kaspersky users, he speculates that this spam campaign was and is not the only method used by these cyber crooks to spread ZeuS.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.