We have recently detected another spam message that contains a malicious URL. This is nothing new, but what if you receive an email message coming from a reliable source, such as a security company?

This is what has happened with a spam message that uses our free online analysis tool Activescan as a bait to deceive users.

The following image is the fake message that the user would receive. Note that it contains the logo of our company, but as we can see the analysis tool points to a malicious URL and not Panda’s.


 If the link is followed, a file called ScanActive.zip will be downloaded, as can be seen in the image below:

 

This file is not really our online analysis tool but a Banker Trojan belonging to the Banbra family, concretely Banbra.FRJ, which is designed to steal confidential information related to certain Brazilian banking entities.