The Register: Cybercrooks are upping the ante by loading malware as an attachment inside another attachment in a bid to slip past security defences.
A new variant of the Upatre Trojan comes bundled in spammed messages that imitate emails from known banks such as Lloyds Bank and Wells Fargo. The .MSG file of the malicious emails contains another .MSG file attached with an attached “ZIP” file.