We are currently receiving email messages in the email honeypot which uses PBS, Payroll & Business Services Ltd, for its social engineering technique. The email informs the recipient that the “Fake” PBS Company received an error from the recipient’s bank. Further, it encourages the recipient to open the attachment for other details on the transaction. However, the attachment is a binary file with an EXE file extension, to be detected as TROJ_DLOADER.BMX. This Trojan downloads a Trojan spyware malware which will also be detected as TSPY_CASGRAB.K.
Other details of the email can be found in our Advisories page. Click on the following link:
Meanwhile, the link www.pbs.uk.com is a legitimate site. PBS posted an urgent notice for its customers about the said spammed email
“If you have received an email which appears to have been sent by PBS (UK) Ltd, with regard to a bill payment for the amount of Ã?£755.00, please ignore this email.”
Follow the following link for PBS’ notice.
Users are advised to be aware on spam messages, and also not to open attachments from unsolicited emails of known or unknown contacts. Lastly, please update your pattern files regularly. =)