Today’s attempt to take over your machine: Fake AIM updates

Thu, Jan 21, 2010 by David Romerstein

Within the last few hours, Cloudmark has seen a marked increase in messages claiming that the recipient’s AIM account is about to be closed and that, to prevent that from happening, the recipient must download and install a new update to the AIM software.

Subject lines include:

  • AIM critical update
  • Your AOL Instant Messenger will be deleted
  • AOL Instant Messenger critical update

Kaspersky identifies the downloaded file as an installer for the Zeus bot, which has been used both for spamming and for stealing personal information and was most recently in the news for having made a home within the Amazon cloud.

As always, practicing safe computing will help you. Be wary of ‘security alerts’ that ask you to download files, pay attention to those URLs (www.aim.com/download is not the same as www.aim.com.download.botdomain.com), and keep your anti-virus and anti-malware programs up-to-date.

Leave a Reply
(will not be published)
Submit Your Comments

* Indicates a required field

Learn More About Cloudmark
Our Products
News and Events
Site Map  •  Privacy Policy  •  ©2002–2014 Cloudmark, Inc.