Issue
- Your ESET product detects the Win32/Spy.Zbot.AAU trojan (see Figure 1-1)
- You receive an unexpected, suspicious email from British Airways about an e-ticket
Figure 1-1
Details
Cyber criminals will sometimes disguise a variant of the Win32/Spy.Zbot.AAU trojan as an e-ticket from British Airways or another airline. These messages are sent out from compromised computers with the intent to spread this malware. When users click links inside these emails, or attempt to download the supposed e-ticket, their system becomes infected with a trojan horse that can spy on computer activity and expose personal data to cyber criminals.
To learn more about this kind of attack, read the ESET blog article.
Solution
ESET detects and protects against the Win32/Spy.Zbot.AAU trojan. To maintain the highest level of security, make sure that you are receiving regular modules updates. By default, your ESET product will automatically check for updates every hour if you have a valid license. If you need to renew your ESET product license to receive the latest modules update, visit our renewals page.
Click Update → Check for updates to manually check for updates at any time (click to view a screenshot).
What you should do
If you did receive such an email, or if ESET has detected the Win32/Spy.Zbot.AAU trojan, the malicious file has likely been quarantined. We recommend that you scan your computer as soon as possible to ensure that your system is clean.
If you suspect that your system is infected, follow the steps in the Knowledgebase article below:
Although ESET detects and protects against the Win32/Spy.Zbot.AAU trojan, you should not click any links or download any attachments if you receive a suspicious email from British Airways, or any other airline, about an e-ticket that you are not expecting or did not pay for.
