US Federal Reserve Bank’s Name Used to Launch Phishing Attack
Security officials at US-CERT (US Computer Emergency Response Team) have warned online users about a new phishing scam which was probably discovered in the second week of November 2008.
They further stated that the scam originated from the Srizbi botnet and the message claims to have come from the US Federal Reserve Bank.
The spam message takes users to a web page where a warning of a new phishing scam is given. The message also contains a fake letterhead of the US Federal Reserve Bank with warning of a large-scale phishing attacks that are still continuing. As the text is grammatically incorrect and attempts to attract users to outside URL, the message is easily identified as fake, said security researchers and analysts.
With a click on the link provided in the spam e-mail by the victim, he is briefly taken to a fake Federal Reserve Page where a PDF file tries to open for supposedly furnishing more details on the attack, but after accessing the page for sometime, the victim is directed to pornographic website. Thus, the goal of the scam seems to be promotion of the website.
Explaining the modus operandi of attack, Costoya said that SSL (Secure Socket Layer) connection is used by the botnet to transmit (send and receive) encrypted information between the infected machine and botnet server. He further said that it is a new development in the attack mode and more sophisticated compared to web-based attacks where traffic comes in the form of plaintext.
Moreover, security researchers and analysts informed that the phishing scam is primarily meant to evade spam filters, with supposedly legitimate appearing Notification from the US Federal Bank. But most of the recipients have identified it phishing attack.
US-CERT has, thus, advised users to keep their systems updated and equipped them with antivirus software. It also recommends users to exercise caution while checking unsolicited messages and avoid clicking on links appear suspicious.
Related article: US Passes Baton to Asia in Spam Relay
» SPAMfighter News - 28-11-2008