Tax Phraud
A new Trojan Horse called Backdoor.Robofohas been spammed out today, which uses a variety of social engineeringtactics to aid its propagation. First it masquerades as an email fromthe US Internal Revenue Service (IRS), including the use of the IRSlogo in the message body to make it appear more legitimate:
The use of legalese in the message content may intimidate some usersinto opening the attachment. The attachment is called COMPLAINT.rtfand, when launched, displays the following bogus error message:
What appears to be text is in fact the name of an embedded executable, which installs a Backdoor Trojan detected as Backdoor.Robofo.Should you succumb to these various intimidation tactics, thenAntivirus definitions dated 05/30/2007 (revision 17 and later) willprovide detection against this threat. Symantec's Brightmail-enabledmessaging products also have a rule to block the spammed emails.
About Security Response Blog
Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam.
Filter by:
Recently on Twitter
- Revamped Fake #Android Market for SMS Fraud http://t.co/mlrosRUH #malware10 Feb 2012
- Is Waledac spam dirtying the Russian 2012 elections? http://t.co/6gWaIyq610 Feb 2012
- Trojan.Activehijack found in the wild using a known #Office #vulnerability. http://t.co/7L8Xszwr09 Feb 2012
- Infostealer.Offsupload uploads 20000+ archives of stolen data to file sharing site http://t.co/5BBG51Go #Trojan08 Feb 2012
- #Android.Bmaster - Botmaster's profits exposed http://t.co/P8jOQP37 #malware08 Feb 2012