A malicious email which appears to be a Symantec Virus advisory but instead packs malware designed to disable anti-virus updates, is being increasingly received by the Internet using public. Featuring a spoofed "From" address that is intended to fool people into believing that the message is from Symantec's Norton Anti-Virus division, the email message claims that the user's machine is infected with a virus called w32.aplore@mm, and then directs the user to a cleaner. Clicking on this downloads an executable which then modifies the user's host file. This has the affect of disabling the user's anti-virus software updates.
Max Rayner, CIO and executive vice president of product and service delivery, said that the malware was first detected by the firm's staff in Asia who passed details to its EMEA team, who then transferred the findings to the American team, which ultimately verified the scam.