People are being warned of an email claiming to be from an anti-spyware company that is being used to spread a new Trojan-downloader.

According to BlackSpider Technologies, the email is a classic example of social engineering and tries to fool people into believing it is from a genuine company, in this case SpysoftCentral.

Purportedly from the customer service department the company, it claims to be confirming subscription to one of its products and mentions the deduction of £79.39 from the recipient’s credit card account.

The email claims that the attachment contains the detailed invoice – when the attachment is opened, however, Trojan-Downloader.Bancos is downloaded. The Trojan can then be used to download new malware on to the PC.

The body of the email reads:

SPY DOCTOR / Order : DD269901/

This e-mail was generated by a mail handling system. Please do not reply to the address listed in the "From" field.
Please read the CUSTOMER SERVICE section for answers to your questions.

Dear Madame/Sir,

Thank you for your order. Spysoftcentral processes orders and collects payments on behalf of PC Tools.

Your credit card (VISA) has been debited with GBP 79.39 and the level of credit card authorization has been changed.
Please note that "WWW.SPYSOFTCENTRAL.COM" will appear on your credit card statement, and not the name of the publisher (PC Tools).

You will receive detailed information on the shipment in a separate e-mail that was sent at the same time as this e-mail.

SUBSCRIPTION
The following product involves a subscription:

Spyware Doctor - 3-months subscription
Duration of the subscription: Until cancelled Payment interval: every 3 months Order Date: 19 JUL 2006

The attachment to this e-mail includes an invoice for your order.

TECHNICAL SUPPORT

If you have any content-related or technical questions about the product, please contact PC Tools directly.

Sincerely,
Your Spysoftcentral Team

James Kay, CTO, BlackSpider Technologies, said: "This is not the first time virus writers have used PC users’ anxiety over spyware to entice them to open a malicious attachment.

" As far as social engineering goes, I wouldn’t be surprised at all if lots of people were duped by this ploy."