Posted by: David Harley | August 9, 2010

Fake AV Campaign

Websense Security Labs are reporting a new spam campaign with emails that appear to come from legitimate concerns (Target, Macy’s, Best Buy, and Evite) but actually contain links to a rogue AV site.

AV coverage of the binary flagged by Websense has rapidly increased in the past few hours, but purveyors of rogue anti-malware are notoriously quick to change binaries to reduce AV detection. The emails are also likely to change over time, but it’s worth taking a look at Websense’s comprehensive blog about what they’re seeing and how the binaries look when they execute, in order to get a flavour of the current attack and be better able to recognize variations on the same theme.

ESET Senior Research Fellow

