close
Banks

Spam campaign tricking users into installing malware capable of several damaging functions

bank transfer

A spam campaign posing as convincing bank transfer statements is tricking users into installing malware on their devices, malware that’s capable of several damaging functions.

According to cloud security firm CYREN, whose researchers discovered the spam campaign active this past week, the emails arrive with subject lines such as: “Online wire transfer payment notification,” “Payment update,” and “Swift copy.”

These spam emails inform users they received an international bank transfer, which they can review by opening the attached file, named “Swift copy,” with Swift referring to the SWIFT technology used in international bank transfers.

Researchers say that the emails come disguised as transfer statements from banks such as Emirates NDB (UAE and other countries) and DBS (Singapore and other countries).

Every time the user logs into his PC, the Visual Basic script will execute the filename.exe file.

In turn, the EXE file will install a keylogger on the user’s computer, and log both keypresses and mouse movements.

Risk Warning:

Please remember that financial investments may rise or fall and past performance does not guarantee future performance in respect of income or capital growth; you may not get back the amount you invested.

There is no obligation to purchase anything but, if you decide to do so, you are strongly advised to consult a professional adviser before making any investment decisions.

Paul

The author Paul