The emails arrive bearing subject lines such as “State Vaccination H1N1 Program,” “Governmental registration program on the H1N1 vaccination,” and “Create your personal Vaccination Profile.” Purportedly from the Centers for Disease Control, the messages urge recipients to register for H1N1 vaccinations.
The problem is they’re bogus.
The messages lead users to an official-looking CDC site where they’re asked to create a profile in order to receive a vaccination for the swine flu. The site encourages users to download a vaccination profile archive and includes a link to the download.
Clicking on the link, however, actually downloads and installs a new variant of the “Zbot” Trojan horse. Called “Zeus” by some security companies, the malware is a bot Trojan that hijacks the Windows PC for nefarious activities, including sending out more spam.
It’s just the latest example of the way...