03 March 2010

The following (or similar) email is currently in circulation and should be ignored. The email appears to be addressed from Service Manager Lynn Sandoval < This e-mail address is being protected from spambots. You need JavaScript enabled to view it > and contains an attachment , eg UPS_invoice_Nr145.zip, UPS_invoice_Nr823.zip or attachment.txt. If you have received a suspicious email from UPS, Westpac, Myspace etc asking you to open the attached file then this article explains what happens when the attachment is opened. The attachment contains a rogue .exe application which installs Zbot on your computer.

Examples of infectious attachments include: UPS_invoice_Nr19373.zip and Facebook_password_37413.zip. Please note that the numbers before the .zip may vary.

Zbot Trojan, aka Infostealer automatically sends financial information like Internet banking login credentials and credit card details.

It also deactivates the Windows firewall when means your computer has no protection from hackers wanting to control your infected computer.

At the time of writing this article many of the current antivirus applications cannot detect this Trojan.