Finnish antivirus vendor F-Secure has published an advisory about fake emails sent out in its name that contain malware. The emails contain the line: "I have enclosed a screen capture of the problem so your team can get it fixed if you deem it an issue." The attachment (presumably) contains not a screenshot but a new variant of the Breplibot worm. This is essentially the same phishing technique often used to send keylogging Trojans to bank customers. The email uses social engineering techniques to fool recipients into doing something silly, in this case opening the attachment.
More malware, social engineering and authentication links