Recipients in a number of malspam campaigns could fall victim should they click on a link. That will trigger a download and launch malware executables delivering a number of Dropper and Backdoor Trojan families. The Internet Explorer web browser shows a warning requesting permission to allow execution of the ActiveX component, but once that’s allowed, the malicious payload is downloaded and executed.
Their advice: Be cautious when clicking on links or attachments from unknown senders. Miscreants behind such campaigns are continually altering their obfuscation strategies to stay a step ahead of detection by security engines.
“It is increasingly important to have multiple security layers to block these kinds of attacks,” the Zscaler ThreatLabZ team concluded.