Published: November 16 2009, 12:18 AM
by Mary Grace Gabriel

Nowadays, I’m sure that most online users use the Internet for more than just social networking, chatting or gaming purposes.

We also use the Internet for our financial transactions such as banking, shopping and paying bills. I know it is very convenient for us but we must be careful when doing so.

You may have received spammed email that purports to be legitimate email from certain mobile phone service providers such as Vodafone or Verizon Wireless [Figure 1 and Figure 2].

                                                        [Figure 1 – Fake Vodafone email]

The email contains the Subject: Your credit balance is over its limit

The email contains the Body:

--------------------------------------------------------------------------------------------------------

Dear Vodafone customer,

Your credit balance is over its limit. Please use the attached Vodafone Balance Checker Tool to review and analyze your payments.


Yours sincerely,
Vodafone Customer Services

--------------------------------------------------------------------------------------------------------

The email contains a malicious zipped file attachment with the filename balancechecker.zip. This file is detected by CA as a Win32/Zbot family variant.

You can see in Figure 1 that the email contains a legitimate Vodafone logo. This may influence the recipient into believing that the email really has come from Vodafone and therefore open the malicious attachment in good faith.

                                                       [Figure 2 – Fake Verizon email]

The email contains the Subject: Your credit balance is over its limit

The email contains the Body:

--------------------------------------------------------------------------------------------------------

Dear Verizon Wireless customer,

Your credit balance is over its limit. Please use the attached Verizon Wireless Balance Checker Tool to review and analyze your payments.


Yours sincerely,
Verizon Wireless Customer Services

--------------------------------------------------------------------------------------------------------

The email contains a malicious zipped file attachment with the filename balancechecker.zip. This file is detected by CA as a Win32/Limdoor family variant.

It is always safer to check your account information from the main website of your mobile phone service provider than to trust unsolicited emails.

Again, we advise users to beware of these kinds of emails and ensure that your CA Security Products are updated with the latest signatures.

Share this post:  Email

Share