Skip to main content

Fake Royal Mail emails spreading Zeus bot

Bogus emails disguised as Royal Mail failed delivery notices could install the infamous Zeus bot according to a security outfit.

M86 Security is warning that the emails with the subject line 'IMPORTANT: Royal Mail Delivery Notice.pdf' use the Launch Action feature specified in the PDF format to run an executable embedded in the file.

Users are tricked into running the executable file as it appears they are merely saving or opening the pdf, but the dodgy file actually installs the data-stealing Zeus bot.