Fake AV update notifications deliver malware
Posted on 22.11.2013
Spam emails impersonating a variety of antivirus vendors have been spotted targeting worried users around the globe, urging them to download and run an “important system update.”

“It's highly important to install this security update due to the new malware circulating over the net,” says in the email. “To complete the action please double click on the system patch KB923029 in the attachment. The installation will run in the silent mode. Please pay attention to this matter and inform us in case there is a problem.”

Unfortunately for those who fall for the trick, the ZIP email attachment actually carries a downloader Trojan that, after contacting a remote server, downloads a Zeus Trojan variant from it and installs it on the victims’ computer. It also creates a new registry key to make Zeus run every time the computer is restarted.

According to Symantec researchers, the spam campaign impersonates a slew of well-known AV companies such as AntiVir, Avast, AVG, Avira, Kaspersky Lab, Trend Micro, Symantec, and others, and offers “updates” for different AV solutions.

Users are advised not to click on links in or download attachments from unsolicited emails, and not to provide any personal information when replying an email. In this particular case, the spelling mistakes in the email point to it being a fake, but users should be wary of this type of emails even if they are written correctly.


The evolution of backup and disaster recovery

Posted on 25 July 2014.  |  Amanda Strassle, IT Senior Director of Data Center Service Delivery at Seagate Technology, talks about enterprise backup issues, illustrates how the cloud shaping an IT department's approach to backup and disaster recovery, and more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Jul 28th