ZeuS Trojan Attack Spoofs IRS, Twitter, Youtube

Criminals have launched a major e-mail campaign to deploy the infamous ZeuS Trojan, blasting out spam messages variously disguised as fraud alerts from the Internal Revenue Service, Twitter account hijack warnings, and salacious Youtube.com videos. All of the latest e-mails use a variety of URL shortening services. For example, this shortened link (currently live and dangerous, and therefore neutered here)… hxxp://qurl.com/zv9j7 ….when clicked reverts to: hxxp://www.irs.gov.vrddr.ru/fraud_application/directory/statement.php?tid=00000143073750US ….which takes the user to one of dozens of identical Web pages that spoof the IRS and encourage visitors to download and review their tax statement, which is of course a powerful and stealthy password-stealing program. Posted in: Account Takeover Identity Theft