Posted by: David Harley | August 9, 2010

Fake AV Campaign

Websense Security Labs are reporting a new spam campaign with emails that appear to come from legitimate concerns (Target, Macy’s, Best Buy, and Evite) but actually contain links to a rogue AV site.

AV coverage of the binary flagged by Websense has rapidly increased in the past few hours, but purveyors of rogue anti-malware are notoriously quick to change binaries to reduce AV detection. The emails are also likely to change over time, but it’s worth taking a look at Websense’s comprehensive blog about what they’re seeing and how the binaries look when they execute, in order to get a flavour of the current attack, and be better able to recognize variations on the same theme.

David Harley CITP FBCS CISSP
ESET Senior Research Fellow

[http://wp.me/pOMVc-2o]
