Here is a summary of several malicious email messages we've detected recently.

On the one hand, there is a phishing message targeting eBay users; on the other, emails on various subjects that distribute the rogueware detected as Adware/ProtectionCenter. Its purpose is the same as that of other rogueware variants: to deceive users into thinking their computer is infected so that they purchase the fake antivirus program.

eBay phishing

You receive an email like the one below, notifying you that your eBay account has been temporarily suspended and that, to reactivate it, you have to open the attached HTML file:

[Image: ebay_phishing_en]

When you open this file, a page imitating eBay's website is displayed, warning you again that your account has been suspended and that, to activate it, you have to click the "Activate Now" button:

[Image: ebay_phishing_img2]

If you click this button, you'll be redirected to http://www.registra<blocked>bay.freehosting.com/, which asks for your eBay account details in order to obtain your credentials.

Distribution of ProtectionCenter

We've detected the following spam messages distributing ProtectionCenter:

Outlook Setup Notification

This email informs you that you have pending Outlook messages and that you have to configure Outlook again. To do so, you are told to run and install the attached file, which is none other than Adware/ProtectionCenter:

[Image: outlook_en]

Amazon

This email appears to have been sent by Amazon and refers to something you've ordered. It says the order details are attached so that you can print them and receive the parcel:

[Image: amazon_en]

Actually, the attached file contains a copy of Adware/ProtectionCenter.

Twitter

This email passes itself off as Twitter. It informs you that someone has tried to obtain your Twitter credentials and recommends that you download a security module from a certain website:

[Image: twitter_en]

If you follow this link, you'll be redirected to a Google Groups page like the following, from which the rogueware is downloaded:

http://twitter-sec<blocked>model.googlegroups.com/web/Twitter_security_model_setup.zip
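
A mail-triage check for the lures described in this post (an HTML or installer attachment, and a link whose host is unrelated to the brand the sender claims), added here as an example and not taken from the original post. The brand-to-domain map, the extension list and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed for this example: brand -> domain a genuine link would use.
BRANDS = {"ebay": "ebay.com", "amazon": "amazon.com", "twitter": "twitter.com"}
RISKY_EXT = (".htm", ".html", ".exe", ".zip")  # attachment types in these lures
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

def host_matches(host, domain):
    # Exact domain or a true subdomain; "ebay.com.example.net" must not match.
    return host == domain or host.endswith("." + domain)

def triage(raw):
    """Return findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    display, _ = parseaddr(msg.get("From", ""))
    claimed = [b for b in BRANDS if b in (display + " " + msg.get("Subject", "")).lower()]
    findings = []
    for part in msg.walk():
        name = part.get_filename()
        if name and name.lower().endswith(RISKY_EXT):
            findings.append(f"risky attachment: {name}")
        elif part.get_content_maintype() == "text":
            body = part.get_payload(decode=True).decode("utf-8", "replace")
            for url in URL_RE.findall(body):
                host = (urlparse(url).hostname or "").rstrip(".")
                findings += [f"{b} link points to {host}" for b in claimed
                             if not host_matches(host, BRANDS[b])]
    return findings

def sample(sender, subject, body, attachment=None):
    # Build a constructed test message; none of this is real campaign data.
    m = EmailMessage()
    m["From"], m["Subject"] = sender, subject
    m.set_content(body)
    if attachment:
        m.add_attachment(b"constructed", maintype="application",
                         subtype="octet-stream", filename=attachment)
    return m.as_string()

EBAY = sample("eBay <notice@example.net>", "Account suspended",
              "Open the attached form.", "activate.html")
TWITTER = sample("Twitter <security@example.org>", "Security alert",
                 "Get the module: http://groups.example.org/web/setup.zip")

if __name__ == "__main__":
    print(triage(EBAY), triage(TWITTER))
```

The brand match uses only the display name and subject, so a message that names no brand is checked for risky attachments alone.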