14 DAY TRIAL // Internet users are advised to treat emails that seem to be coming from mobile carriers, especially Verizon, with maximum suspicion since security experts noticed that they were actually set up to spread a malicious piece of malware.
A sample email provided by MMPC reads:
Hello Dear! Your current bill for your account is now available online in My Verizon. Total Balance Due: $0751.49 Keep in mind that payments and/or adjustments made to your account after your bill was generated will not be reflected in the amount shown above. View all your recent bills in application materials. Thank you for choosing Verizon Wireless. The subject of this email that looks something like “Important Account Information from Verizon Wireless TRACK-ID: 70341011278” may vary and the amount of money mentioned in the alert as well, but they were all discovered to contain an attachment that actually represents the malicious PWS:Win32/Zbot.gen!Y, also known as the bank-account-stealing ZeuS.
A variant of the malicious message was also seen to target Adobe customers, promising them a “software critical update” and some new features that allow them to “collaborate across borders,” “create rich, polished PDF files” and “ensure visual fidelity.”
Users are advised to avoid such phony alerts, especially if they know they don’t have anything to do with the company whose name is involved.
As in many cases, a few simple hints can give away the true identity of such a malevolent campaign. First of all, no company will address a customer with “hello Dear.” Secondly, organizations will never send attachments, particularly not zip or executable files.
Finally, a good security solution can always come in handy as in most cases they can detect and neutralize any malicious threat that might be hidden behind what seems to be a simple document.