Security researchers from Sophos have intercepted two currently active and circulating malware campaigns that entice users into downloading and executing malicious file attachments.
The first campaign impersonates the Federal Deposit Insurance Corporation (FDIC) for malware-serving purposes.
Dear customer,
Your account ACH and WIRE transaction have been temporarily suspended for security reasons due to the expiration of your security version. To download and install the newest installations read the document(pdf) attached below.
As soon as it is setup, you transaction abilities will be fully restored.
Best Regards, Online Security departament, Federal Deposit Insurance Corporation.
The spamvertised FDIC_document.zip is currently detected as Mal/BredoZp-B.
The second campaign impersonates Western Union for malware-serving purposes.
ATTENTION!
DEAR CONSUMER , You have received a remittance, more information about the money transfer is in the attached file.
Money Order can be cashed at any branch or bank in Your city
Sincerely , Westernunion
The spamvertised attachments are currently detected as Mal/Zbot-CX.
Users are advised not to interact with suspicious emails, or spam emails in general.
- Spamvertised 'Scan from a Xerox WorkCentre Pro' leads to malware
- Spamvertised Uniform traffic tickets and invoices lead to malware
- Spamvertised United Parcel Service notifications lead to malware
- Spamvertised United Parcel Service emails lead to scareware
- Federal Reserve themed emails lead to ZeuS crimeware
- ‘McDonald’s Free Dinner Day’ emails lead to scareware
- Spamvertised bank statements serving scareware
- Spamvertised Post Office Express Mail (USPS) emails lead to malware
- Spamvertised “Reqest Rejected” campaign leads to scareware
- Spamvertised ‘Facebook. Your password has been changed!’ emails lead to malware