The malicious notifications carry a variant of the ZeuS Trojan

Apr 30, 2013 15:05 GMT  ·  By

Spam messages that purport to come from the US Federal Reserve ([email protected]) have been landing in inboxes over the past hours. 

Entitled “Your Wire Transfer [number] canceled,” the emails read something like this:

“The Wire transfer, recently sent from your bank account , was not processed by the FedWire. Transfer details attached to the letter. This service is provided to you by the Federal Reserve Board. Visit us on the web at website

To report this message as spam, offensive, or if you feel you have received this in error, please send e-mail to email address including the entire contents and subject of the message. It will be reviewed by staff and acted upon appropriately.”

Sophos experts have analyzed the malicious emails and have found that the file that supposedly contains the transfer details is actually an archive which hides a variant of the ZeuS Trojan.

Be sure to avoid opening files attached to unsolicited emails. If your computer becomes infected with such a Trojan, crooks might gain access to your online accounts, including your banking account.