SophosLabs are informing that “a malware writer has been infecting thousands of computers by hiding a new Trojan variant in a cartoon video” (see Troj/Agent-FWO ).
At least that is that is what this phish is saying.
Of course, the contents of the email are false, and if you do click on the link you don’t get taken to Merrill Lynch’s website but are directed to a website in China instead.
Name checking anti-virus firms is common in hoax emails but this is the first occurrence I have seen of an anti-virus firm being used in a phish.
And if you’re interested, you can read more about Troj/Agent-FWO’s curious animated disguise in this advisory Sophos published in June.