A new piece of malware, called Trojan.Spy.ZBot, is currently making the rounds. The Trojan arrives via an email message, supposedly from a shipping company such as UPS or FedEx, claiming the company was unable to deliver a recently mailed package. The email message contains a (random) invoice number, as well as an attached “invoice” that the user is instructed to download and print in order to claim the package.
Of course the attachment isn’t an invoice, but rather a dangerous piece of malware--either Trojan.Spy.ZBot or one of its variants--that is designed to steal e-banking data. The malware deactivates the firewall and can steal credit card data and bank account numbers, as well as logon information.
To prevent infection, warn users to not open these spam emails (especially the attachments), and keep your company’s firewall and antivirus/anti-spam/anti-malware solutions up-to-date.