Thursday, July 31, 2008 4:44 PM
cmosby
Fake Jetblue eTickets - F-Secure Weblog
Fake Jetblue eTickets
Posted by Patrik @ 21:32 GMT | Comment (1)
The most common way a user gets infected these days is through drive-by downloads and while the prevalence of malicious email attachments definately has gone down we still see them on a dialy basis. Like today when we saw a large spam run sending out fake JetBlue etickets.
The mail contains a ZIP file that contains the file eTicket#1721.exe which we detect as Trojan-Spy:W32/Zbot.QO. The malware itself tries to steal usernames and passwords to online banks. I guess we can call this way of spreading malware old school...
Filed under: Security and Anti-Virus, Internet News, Spam\Phishing, Cybercrime