If a user does press run, nothing seems to happen. There is no order, no payment, no inquiry. They are left looking at the e-mail wondering what happened.
What happened is Zeus, it has installed and is quietly camped out inside their Web browser, watching the pages that go by and selecting any usernames and passwords supplied by logging into important sites. Every so often it sends a message to a remote website passing along what it has found.
Zeus network traffic
Barracuda Networks customers using the Barracuda Spam & Virus Firewall are protected from these e-mails.Barracuda Web Filters and the Barracuda Web Security Flex service stop the download of these threats.
Dave Michmerhuizen is Research Scientist and Luis Chapetti is Security Researcher at Barracuda Networks.
For more information on how to protect your network please go to www.barracudanetworks.com/
Sign up for CIO Asia eNewsletters.