Recently, cybercriminals are once again seen targeting customers of AV firms by using the name and reputation of AV companies in their social engineering ploy. We received reports of a spoofed Trend Micro notification that redirects users to a Canadian Pharmacy website. As with previous spam runs, cybercriminals send spam emails to target recipients, claiming to be from a legitimate source. In this case, it claims to be from an administrator of Trend Micro.
The email message notifies recipients that their accounts have been hacked and are thus temporarily inaccessible. It advises users to open the HTML file that comes attached to the email for instructions on how to enable their accounts. Opening the attachment redirects to users to a Canadian Pharmacy website.