Posts Tagged: Bank of America


Malicious Bank of America (BofA) ‘Statement of Expenses’ themed emails lead to client-side exploits and malware

by

Bank of America (BofA) customers, watch what you click on! A currently ongoing malicious spam campaigns is attempting to entice BofA customers into clicking on the client-side exploit serving URLs found in legitimate looking ‘Statement of Expenses’ themed emails. Once users with outdated third-party applications and browser plugins click on the link, an infection is installed that automatically converts their PC’s into zombies under the control of the botnet operated by the cybercriminal/gang of cybercriminals behind the campaign. More details:

Continue Reading »

Cybercriminals impersonate Bank of America (BofA), serve malware

by

Relying on tens of thousands of fake “Your transaction is completed” emails, cybercriminals have just launched yet another malicious spam campaign attempting to socially engineer Bank of America’s (BofA) customers into executing a malicious attachment. Once unsuspecting users do so, their PCs automatically join the botnet operated by the cybercriminal/gang of cybercriminals operating it, leading to a successful compromise of their hosts. More details:

Continue Reading »

Fake BofA CashPro ‘Online Digital Certificate” themed emails lead to malware

by

By Dancho Danchev Over the past 24 hours, we intercepted tens of thousands of malicious emails attempting to socially engineering BofA’s CashPro users into downloading and executing a bogus online digital certificate attached to the fake emails. More details:

Continue Reading »

BofA ‘Online Banking Passcode Reset’ themed emails serve client-side exploits and malware

by

Cybercriminals are currently mass mailing millions of emails, in an attempt to trick Bank of America customers into clicking on the exploit and malware-serving link found in the spamvertised email. Relying on bogus “Online Banking Passcode Changed” notifications and professionally looking email templates, the campaign is the latest indication of the systematic rotation of impersonated brands in an attempt to cover as many market segments as possible. More details:

Continue Reading »

New Bank Phisher Brings Added Functionality, Problems

by

I didn’t want to let too much time pass before I wrote about a new Zbot-like bank phishing Trojan variant that came across my desk last week. The keylogger started arriving the first week of February as an attachment to a spam email designed to look like it came from United Parcel Service. No, the old malware trope of spammed shipping invoices is not dead yet, Alice, but we’re going to follow this one down the rabbit hole anyhow. The brief message had a Subject line of “United Parcel Service notification” followed by a random, five-digit number, and a file […]

Continue Reading »

A Cave Monster from Hell Wants Your Financial Data

by

A novel and pretty sneaky Trojan designed to steal financial data appeared on our radar screen last week. The Trojan, once installed on a victim’s computer, rootkits itself to prevent detection, then watches the victim’s browser for any attempt to connect to the secured, HTTPS login page of several online banks. When the victim visits the login page the Trojan has been waiting for, the Trojan generates a form that “hovers” over the login page asking for additional verification information. “In order to provide you with extra security, we occasionally need to ask for additional information when you access your […]

Continue Reading »

Lazy Phishers Just Email the Phishing Web Page to You, Now

by

It was a particularly busy weekend for spammers, especially the creepy, evil ones who are trying to steal information (as opposed to the merely scungy pill vendors and their ilk). Webroot’s Threat Research team has recently seen a glut of phishing messages which, like most, purport to come from banks and ask you to update your account information. But unlike most phishing messages, which contain a link to a Web site, these phishing messages include an attached HTML file which, in essence, puts the phishing page right on your hard drive. When launched, the HTML file renders a sparse but effective phishing form […]

Continue Reading »