Computer forensics researchers at the University of Alabama at Birmingham (UAB) have been tracking new spam that claims to come from the U.S. Federal Deposit Insurance Corp. (FDIC) and uses a virus to steal sensitive personal information such as bank passwords.
Gary Warner and his team in the UAB Spam Data Mine have been tracking the spam and say the delivery volume has been very high. People are receiving fake messages that say their bank has failed, and to use the provided link to a specific Web site to check their bank deposit insurance coverage. The link takes the unsuspecting victims to a page that asks them to click and download a copy of their personal FDIC insurance file. "Unfortunately, anyone who clicks that download link will be downloading a version of the Zeus Bot virus, which has the capacity to steal bank passwords and other financial and personal information," Warner says.
The distributors of the malware have forged the real email address firstname.lastname@example.org. "The cybercriminals behind this spam have gone to great lengths to mimic the logos and look of FDIC communications, including going so far as to forge an official FDIC email address in an effort to confuse consumers into following links and downloading harmful programs," Warner notes.
From University of Alabama at Birmingham
View Full Article
Abstracts Copyright © 2009 Information Inc., Bethesda, Maryland, USA
No entries found