This week we have seen Pushdo send a number of malicious spam campaigns impersonating Facebook and the FDIC. Today we began to see yet another malicious spam campaign from Pushdo, this time the spam emails claim to come from 'Myspace Service'. The volume of these is currently low and all messages have the subject line 'Myspace Password Reset Confirmation'.
The message claims that to provide safety, your MySpace password has been changed and that your new password is in the attachment.
Unsurprisingly the zip attachment does not contain a new password but an executable file that is the Zbot Trojan horse.
A couple of days after the last fake Facebook spam with malicious attachments, Pushdo began to send this Facebook spam with links to a website that asked users to download and run an update tool that was actually Zbot. If this trend continues it's possible that Pushdo will do the same thing again with a fake MySpace website or use another popular brand such as Twitter or Google.
