Threat analysts at PhishLabs have encountered a fake browser warning which, when acted upon, delivers the Zeus (Zbot) malware.
Of course, this type of social engineering attack is quite commonplace these days but what makes this one standout, and the main reason we are bringing it to your attention, is the convincing nature of the warning message.
It includes the usual social engineering earmarks, praying on the fears of users…
- The language and grammar used in this message is noticeably superior to the norm. Poor grammar and spelling are generally good indicators of fake warnings or messages, but this one, while still not perfect, is way more accurate than most.
- The design of the warning notice is also superior, closely resembling legitimate alerts issued by popular browsers.
Clicking the 8220;Download and Install” button will, of course, lead to the Zeus malware, a highly malicious trojan that steals online banking credentials and makes infected computers part of a botnet.
Overall, we believe this one has the potential to fool quite a few unwary users, hence this advisory.
**At time of publication, exact circumstances of how this fake notice is being delivered remain unknown. However, PhishLabs’ investigation is ongoing.