About the Incoming Fax Email
This is only the latest wave of spam containing a variant of the notorious ZeuS banking malware. Known as DYREZA, it is usually delivered via an email attachment and the message uses social engineering designed to trick the victim into opening the attachment. In the past it has posed as an invoice. Here's an example of this morning's campaign.
About the DYREZA Virus / Trojan
The DYREZA malware is reported to be a trojan and is considered a very serious risk. It compromises the affected machine in various ways to access the user's banking and other account information. It can perform online man-in-the-middle attacks (like electronic eavesdropping), record browser activity, steal security certificates and login credentials, and track where users go online.
Bypassing Anti-Virus Software
The variant we blocked this morning was still only being recognized by 6 out of 57 anti-virus scanners about 90 minutes after the attack ended. That's why it's important to use a Cloud-based email spam filter that's constantly updated. Anti-virus programs, while still important, simply cannot keep up with the pace of these rapidly changing email-borne threats because they only look at the downloaded file to determine if it is malware.
Cloud anti-spam can examine the entire delivery mechanism, such as the email header and message, to look for malicious clues. It can also detect spammy global traffic patterns and can update almost continuously. Our professional threat analysts work 24/7/365 to identify new threats and update the SpamStopsHere database every two minutes. Many businesses and IT departments cannot provide that level of protection on their own, try as they may. We've heard that even popular antispam appliances are only updated every 45 minutes, and only after letting threats onto your network. Cloud antispam blocks them in the Cloud, far away from your infrastructure.
See our recent blog article for more information about the advantages of Cloud antispam for protection against email-based threats.
SpamStopsHere blocks email spam in the Cloud 24/7/365. It blocks 99.5% of spam with fewer than 0.001% false positives. That means we block fewer than 1 out of 100,000 good emails, which is why businesses and professionals love our service. No user tuning is required and there is no learning period.
It also provides zero-day protection against email-borne threats like Cryptolocker and other viruses, trojans, etc. Because it works in the Cloud, spam filtering updates take effect immediately without the user downloading or installing anything.
If you're having trouble keeping up with these threats, consider trying SpamStopsHere FREE for 30 days.
Marks used in this article are the properties of their respective owners. This article is for informational purposes. No endorsement by third parties is implied and none should be inferred.