Something to watch out for: From F-Secure:
Somebody has lately been seeding emails like the one pictured below.
Obviously, they are not from Symantec. And when you click the link, you end up getting redirected to a web page which will initiate an autodownload of a file called “rxBot.exe”, which is – you guessed it – a variant of the RXBot family.
A mail like this will pass most corporate email filters. There’s no attachment. There’s no masked link either, so phishing filters probably won’t detect it.
Read more here.
(Side note: Stefan at F-Secure emailed me with a minor inadvertent error on their part — this is actually a variant of Rbot – not Rxbot, and they have a description of this naughty little thing here.)
Alex Eckelberry