Webroot Alerts about New Phishing Attacks against Financial Institutions
A major banking solutions providers, Webroot, is alerting its customers that phishing attacks are likely to target different financial institutions.
For the same reason, it has also alerted the National Automated Clearing House Association (NACHA) that runs the Automatic Clearing House network to get ready for the ensuing confrontations. The company also cautions that the hackers might sneak into users' comuters to obtain their bank account details.
In a blog post, Andrew Brandt, malware Researcher at Webroot, wrote that when the biggest clearing house in the world, servicing for funds transfers among banks, supposedly dispatched an e-mail of this kind to a user, it probably required the user to awaken and take notice, as reported by Indiaserver on November 18, 2009.
Brandt further wrote that a warning in the e-mail stated that the Electronic Payments Association had rejected the ACH transaction lately conducted from the bank account of the e-mail recipient. According to him, the e-mail was therefore clearly a scam, intending to scare the victims into following a given Web-link and thereby getting trapped.
He also indicated that if anyone pressed open the link, he would be led to a website containing a Trojan that would secretly capture the user's login credentials. Over and above, Brandt noted that several drive-by websites also redirected the user and attempted at loading an infection on his PC, as reported by V3 on November 13, 2009.
Eventually, Internet security analysts stated that the NACHA phishing campaign represented a well-organized assault that sent a spam mail containing a web-link, which took victims on one of the Trojan laden sites resembled the corporate site of NACHA.
Hence, Brandt recommended e-mail users that they must maintain vigilance as well as regard unsolicited e-mails that apparently warned of incorrect financial transactions and arrived from strangers, with suspicion.
Moreover, spammers, in a similar fake e-mail campaign, used the name of NACHA, whereby the messages carried a web-link that led to an imposter NACHA site, prompting victims to take down and run certain PDF file that actually was an executable.
Related article: Webroot Detects Malware in Presidential Campaign Videos
» SPAMfighter News - 30-11-2009