Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


US Federal Reserve Bank’s Name Used to Launch Phishing Attack

Security officials at US-CERT (US Computer Emergency Response Team) have warned online users about a new phishing scam which was probably discovered in the second week of November 2008.

They further stated that the scam originated from the Srizbi botnet and the message claims to have come from the US Federal Reserve Bank.

The spam message takes users to a web page where a warning of a new phishing scam is given. The message also contains a fake letterhead of the US Federal Reserve Bank with warning of a large-scale phishing attacks that are still continuing. As the text is grammatically incorrect and attempts to attract users to outside URL, the message is easily identified as fake, said security researchers and analysts.

With a click on the link provided in the spam e-mail by the victim, he is briefly taken to a fake Federal Reserve Page where a PDF file tries to open for supposedly furnishing more details on the attack, but after accessing the page for sometime, the victim is directed to pornographic website. Thus, the goal of the scam seems to be promotion of the website.

Joey Costoya, Advanced Threats Researcher, Trend Micro, said, the PDF file has malicious JavaScript inside. After launching, the malicious code tries to download a number of other malware packages, including a botnet controller file, onto the system, as reported by vnunet on November 14, 2008.

Explaining the modus operandi of attack, Costoya said that SSL (Secure Socket Layer) connection is used by the botnet to transmit (send and receive) encrypted information between the infected machine and botnet server. He further said that it is a new development in the attack mode and more sophisticated compared to web-based attacks where traffic comes in the form of plaintext.

Moreover, security researchers and analysts informed that the phishing scam is primarily meant to evade spam filters, with supposedly legitimate appearing Notification from the US Federal Bank. But most of the recipients have identified it phishing attack.

US-CERT has, thus, advised users to keep their systems updated and equipped them with antivirus software. It also recommends users to exercise caution while checking unsolicited messages and avoid clicking on links appear suspicious.

Related article: US Passes Baton to Asia in Spam Relay

» SPAMfighter News - 11/28/2008

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page