FDIC malware attack targets businesses

by Graham Cluley on January 10, 2012 | 2 Comments

Filed Under: Featured, Malware, Spam

Once again, internet users are being warned to be suspicious of unsolicited emails, as a malware attack poses as a communication from the Federal Deposit Insurance Corporation (FDIC) to businesses.

SophosLabs has intercepted a large number of malicious emails, pretending to come from FDIC that claim to have important information about the recipient's bank.

Attached to the emails is a ZIP file which contains a malicious payload, designed to infect Windows computers.

Here is a typical message:

Malicious email claiming to come from FDIC

Dear Business Customer, We have important information about your bank. Please refer to attached file to view information. This includes information on the acquiring bank (if applicable), how your accounts and loans are affected, and how vendors can file claims against the receivership

The emails' subject line is "FDIC: About your business account", followed by a random code number. The attached filename, containing the malware, is FDIC_Information_About-your-business-account-JAN2012-XXXXX.zip (where 'XXXXX' is a random number). Sophos anti-virus products detect the attachment proactively as Mal/BredoZp-B and Mal/Zbot-EZ. Follow @gcluley Share Email Tweet Buffer Hacker News App.Net Pocket

Tags: FDIC, Malware, Spam Paybacks are hell: Parental spying prompts infiltration of German police system USA kicks out Venezuelan diplomat over cyber attack plot allegations

2 Responses to FDIC malware attack targets businesses @ITRCSD says: January 10, 2012 at 5:24 pm Another great article... Thanks for the heads up. Reply Report comment Len Jamiol says: March 9, 2012 at 3:43 pm As a former FDIC employee, I must state that the FDIC would NEVER send a customer of a bank confidential information regarding the condition of the bank. Reply Report comment Leave a Reply Cancel reply Your email address will not be published. Required fields are marked * Name * Email * Website Username * Comment You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <strike> <strong> About the author Graham Cluley has worked in the computer security industry for more than 20 years, developing anti-virus software and doing quite a lot of talking about internet threats. He's won awards for his blogging, but is proudest of the text adventure games he wrote when he was still wearing short trousers. You can learn more about those (the games, not the trousers) at grahamcluley.com. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates. View all posts by Graham Cluley

Popular Recent Related Want to see who has viewed your Facebook profile? Take care.. Revenge-porn website victim files suit against ex and four porn sites Apple iMessage "censors" mention of Obama: international conspiracy...or software bug? Snapchat images that have "disappeared forever" stay right on your phone... Rihanna sex video event scam spreads on Facebook Congress asks Google if and how it's protecting privacy with Glass Inside the "PlugX" malware with SophosLabs - a fascinating journey into a malware factory... Unlock an iPhone without the passcode - harmless trick or computer crime? Get ready for the next #sophospuzzle - coming soon to a T-shirt near you Snapchat sexting spam - how to stop messages from Honey Crush 9 and her friends Blogger threatened with $1 billion suit for writing about allegedly predatory publisher 22 million user IDs may be in the hands of hackers, after Yahoo Japan security breach Inside the "PlugX" malware with SophosLabs - a fascinating journey into a malware factory... Congress asks Google if and how it's protecting privacy with Glass Monday review - the hot 24 stories of the week Get ready for the next #sophospuzzle - coming soon to a T-shirt near you Interview with 'We are Anonymous' author Parmy Olson [PODCAST] FT hacked. Syrian Electronic Army hijacks Financial Times blogs and Twitter accounts How to hack an electric car-charging station Apple fixes 41 iTunes security flaws, some more than a year old Malware attack targets German internet users Illegal content on YouTube? Beware spammed-out malware attack Intuit payroll free trial email launches malware attack Malware attack poses as bloody photos of Gaddafi's death Skype worm spreads, using LOL trick to infect unwary users Malware attack poses as security warning from Microsoft Digital Crimes Unit Multi-platform backdoor malware targets Windows, Mac and Linux users Outbreak! Fake Amazon UK emails spammed out, delivering malware Photo.zip - Stolen nude photos and police investigations. Malware attack spammed out Video posts More videos this way You won't believe how crazy this password infomercial is (and neither did Ellen DeGeneres) [VIDEO] When is a password not a password? When Excel sees "VelvetSweatshop" [VIDEO] Sophos CEO suffers from a watery end for #ComicRelief Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO] Hacked TV channels broadcast zombie apocalypse emergency alert [VIDEO]

About Naked Security About Sophos Our Authors Awards Got a story for us? Tags Adobe Android anonymous Apple Cybercrime data loss DDoS Exploit Facebook Fake anti-virus General Google hacking iPhone IT Malware Microsoft password phishing Privacy Scam scareware Spam Survey Scam Twitter Video vulnerability web web 2.0 WWW Categories Adobe Flash (181) Apple (919) BlackBerry (82) Celebrities (333) Cryptography (170) Facebook (727) Fake anti-virus (65) Firefox (168) Google (603) Google Chrome (134) iOS (318) Java (255) Law & order (2459) Mobile (397) Nude Celebrities (70) Oracle (155) Phishing (347) Podcast (174) Ransomware (117) Rogue applications (138) Video (269) Web Browsers (169) Windows (223) Windows phone (40) Archives by month May 2013 (61) April 2013 (94) March 2013 (103) February 2013 (96) January 2013 (109) December 2012 (52) November 2012 (103) October 2012 (113) September 2012 (91) August 2012 (110) July 2012 (92) June 2012 (91) May 2012 (99) April 2012 (79) More... Download some free tools Free anti-virus for your MacFree antivirus that works simply and beautifully Free file encryptionQuick and easy encryption for all your data More free tools... Take a look at our products Endpoint Encryption Mobile Network Email Web Try out our free trials and demos Investigate the threats Virus and spyware analyses Threat Center Inside SophosLabs © 1997-2013 Sophos Ltd. All rights reserved Legal Privacy Cookies Disclaimers Send to Email Address Your Name Your Email Address Cancel Post was not sent - check your email addresses! Email check failed, please try again Sorry, your blog cannot share posts by email.