The Zeus botnet is using large money fake bills that closely resemble ATT bills to infect unprotected users
New Zeus Botnet uses Fake ATT Billing scam
QUOTE: Fake AT&T bills containing malware have hit at least 200,000 consumers, according to Websense. The malicious emails contain the subject line “Your bill is ready to be viewed.” Clicking into it presents the usual AT&T bill notification with buttons that appear to lead readers to view their bill online. The biggest tell-tale sign is a bill amount of several hundred U.S. dollars, though sometimes a crazy sum can alarm a user enough to keep clicking for more infomration. Another is that the email addresses you as “Dear Customer” or “Dear Valued Customer” rather than your name. When a victim clicks on an embedded link, his browser is redirected to a website hosting the ever-popular Blackhole exploit kit. The Trojan horse drops files into Application Data and Temp folders, which then connects user systems to a botnet exhibiting Zeus-like behavior, Websense said.