Fake Verizon 'balance-checker' is a Trojan

IDG News Service - Cyber-criminals have started preying on Verizon Wireless customers, sending out spam e-mail messages that say their accounts are over the limit and offering them a "balance checker" program to review their payments.

The e-mail messages, which look like they come from Verizon Wireless, are fakes; the balance checker is actually a malicious Trojan horse program.

"If you run the tool, obviously, your computer is toast," said Nick Bilogorskiy, manager of antivirus research at SonicWall. "You get infected with a Trojan that SonicWall catches under the name Regrun."

The scammers started sending out the messages around 11:30 a.m. Pacific on Friday, and they quickly flooded the Internet with their spam. Within a few hours, SonicWall had intercepted the messages at about 16 percent of its customers, Bilogorskiy said.

That translates to about 200,000 messages per hour on SonicWall's sensors. "The volume of these e-mails is just huge," Bilogorskiy said.

Victims who download the software open up a back door to their computer, where more malware can be downloaded from the Zbot botnet, which is known for stealthily lifting online banking credentials and emptying accounts. For the bad guys, the payoff is big. Recently, the U.S. Federal Bureau of Investigation said this type of financial fraud has removed US$100 million from U.S. bank accounts.

Criminals are always looking for new ways to trick people into downloading their software, and this billing-cycle scam is simply the latest, Bilogorskiy said.