By Andrew Brandt
As the reign of nuisance by Trojan-Backdoor-Zbot continues, the latest scam invites victims to review a “transaction report” on a page supposedly on the Web site of the American Bankers Association, or ABA.
(I wouldn’t want to call it a reign of terror; that might give the Zbot authors an inflated sense of their own importance. Zbot is like a wasp buzzing around the picnic table, and deserves a good, sharp smack, preferably with a shoe.)
The “report” is, of course, an installer for this Trojan. The scam is virtually identical to ones we’ve seen where the scammer sets up Web sites in the guise of such notable organizations as the IRS, CDC, Visa, and other organizations, or software programs like AOL Instant Messenger and Microsoft Outlook, or Web sites such as Facebook.
As in the previous scams of this ilk, the URL that victims click includes the victim’s email address; That email address appears within the fake page, along with a bogus transaction ID and an outrageously large Amount of transaction — all information that’s designed to inspire a sense of panic and urgency in the victim, leading the victim to click the “generate transaction” link on the page and infect a computer with the Trojan.