A fake Verizon Wireless email with the subject “Your credit balance is over its limit” is currently making rounds.

Dear Verizon Wireless customer,

Your credit balance is over its limit. Please use the attached Verizon Wireless Balance Checker Tool to review and analyze your payments.

Yours sincerely,
Verizon Wireless Customer Services

The email contains an attachment called “balancechecker.zip” which is really Trojan Sasfis/Oficla. If executed Sasfis will run silently in the background and download and install additional malware.

http://www.virustotal.com/analisis/c98767c0a51b0ca83d1708beb89f03296394f11f4fd17fc93f3b6d6fbf1686a9-1258535039

The ongoing fake antivirus campaigns are out of control with no end in sight. This software is distributed in a variety of ways such as spam, drive by downloads, Fake Ad banners or  social engineering techniques. Some hold the files on your computer hostage by encrypting them while others harvest email addresses and credit card information.

Protecter Plus

Antivirus 2009

While the malware each domain is distributing  may change the keyword “anti” is usually static. Follow the links below to view an updated list of fake antivirus domains.

http://malc0de.com/tools/db.php?search=scan
http://malc0de.com/tools/db.php?search=anti
http://malc0de.com/tools/db.php?search=security