TSPY_ZBOT.SMHA

The TSPY_ZBOT.SMHA Trojan belongs to the Zbot family of Trojans, a group of malware that is infamous for stealing banking information. The most well-known relative of TSPY_ZBOT.SMHA is the Zeus Trojan, one of the most widespread malware threats. According to ESG security researchers, TSPY_ZBOT.SMHA has the capacity to steal data such as credit card numbers, PINs (Personal Identification Numbers), bank account numbers, online account passwords and other banking-related information. TSPY_ZBOT.SMHA is designed to reside undetected on your computer system and to activate whenever TSPY_ZBOT.SMHA detects that the infected computer's web browser accesses websites related to banking activities or online payments. This malware threat can then relay the stolen information to a third party. If you value the safety of your bank accounts, ESG security researchers strongly recommend being extremely careful when opening unsolicited email messages, since these are some of the preferred vehicles for variants of TSPY_ZBOT.SMHA. It is also crucial to be certain that you use a reliable anti-malware application with a real-time scanner, capable of intercepting TSPY_ZBOT.SMHA before TSPY_ZBOT.SMHA manages to make its home in your computer system.

TSPY_ZBOT.SMHA Is Linked to a Scam Involving Fake IRS Emails

As was mentioned before, variants of the Zbot Trojan family tend to spread as attachments in fraudulent email messages, often disguised as coming from a familiar source (for example, well known banks or delivery companies). Taking advantage of the fact that the IRS (Internal Revenue Service) has set January fourth as the beginning of the tax season, criminals have initiated various email scams using messages disguised so that they appear to have been sent by the IRS. An unsolicited email message may appear to come from a legitimate institution, with a subject reading something similar to 'Your Statement' or 'Please review this statement' and including a seemingly innocuous attachment (usually compressed so that the victim cannot view the contents of the attachment without downloading it first). TSPY_ZBOT.SMHA in particular has been known to be spread through a fake email purportedly coming from Fidelity Investments. However, this email is actually sent from a spoofed email address and is cleverly disguised to appear to have been sent from the offices of this real-life financial institution. There is no doubt that criminals will continue to take advantage of the tax season in order to keep distributing variants of TSPY_ZBOT.SMHA, which is why ESG security researchers advise computer users to be on the watch for these kinds of online scams.