Security experts at M86 Security are warning of yet another malicious spam campaign driven by the activity of a prolific botnet.
Ever since its reappearance in May of this year, malicious spam campaigns purporting to be from DHL, Fedex, UPS or USPS have been sent out by the Asprox spambot.
The emails usually arrived with a zip file attachment containing an executable file disguised as an Excel spreadsheet, which in most cases turns out to be the Trojan Sasfis.
The latest take on this popular technique, according to M86 Security, is that the message now tries to trick the user into clicking on the executable by purporting to be from Facebook support.
The message claims that the user's Facebook password has been changed or access to their account has been blocked.
"There was outrage [last week] when many Facebook users, many of whom were female, found their accounts disabled following an automated Facebook system 'cleanup' of dubious accounts," wrote M86 threat analyst, Rodel Mendrez.
"Spammers may have taken advantage of this publicity."
The update is yet another cautionary tale highlighting the agile, well-resourced and inventive methods cyber criminals are employing to part us from our hard-earned.
The success of Asprox also shows that while take down efforts on Pushdo and Bredolab spambots may have had some impact on volumes, there will always be others to take their place.
PUBG news and updates: November's Update #23 to bring new Skorpion pistol and changes to blue zone visibility
Genuinely useful side-arm coming to PUBG in Update #23
Asda, Morrisons and Tesco in the frame for checkout facial recognition technology
Research opens up new possibilities for structural batteries, where the carbon fibre forms part of the energy system
Another shape could have indicated hard-to-detect particles