Beware of Malware Disguised as a Secure Banking Message

After a big data breach, criminals prey on consumer fear and on the trust that members and customers place in their financial institutions. Since the recent Equifax data breach, there has been an increase in the number of e-mails in circulation that are actually malware disguised as a secure message from your financial institution.

According to SOS Daily News, “in a recent phishing campaign, discovered by Barracuda Networks, messages masquerade as legitimate and secured messages from banking institutions to trick people into installing malware onto their computers and devices.” Below is an example of a fraudulent e-mail targeting Bank of America customers.


Image from SoS Daily News

“In this one, an email is received that claims to be a secure message from a financial institution. Inside is one of three possible phishing lures that researchers have seen thus far:

  • An attachment with included malware
  • Instructions to reply to sender
  • A set of instructions to perform actions that executes the malware

They are pretty difficult to detect as fake because they use domain names that look very close to the real ones. For example, they may be “Bank0fAmerica” where the “O” is replaced with a zero. This is called do-jacking or typo squatting.

They also use actual logos and copy the confidentiality statements word for word, making it even more difficult to identify it as phishing. As a rule, simply never click on an unexpected link; especially if it is from an unknown email address.

When receiving messages from financial institutions or any organization that has a confidential relationship with you, go directly into your account to check the secure message center rather than clicking links or attachments. There is no need to click links because these organizations always place those messages in your secure inbox in your account.

There are multiple variations of this attack and they make it past antivirus products in some cases. Once malware is on the device, it can be made more dangerous. The attackers may be able to remotely access it and turn it into ransomware, spyware, or information stealing malware.”

Here are some tips to help keep you from falling victim to identity theft:

  1. It’s always best not to click any links within an email. Clicking links could redirect you to a website that looks real but captures your keystrokes when you try to log in.
  2. If you are concerned about an email you just got, go to the institution's website yourself and check it out. Do not use the links provided.
  3. If you are concerned about an email you got, call your financial institution using the phone numbers from your statement or from the back of the card, not the ones in the email.
  4. When you get an email (like the one pictured above), the scammers will hide the email address. You will see FROM: CHASE, but when you hover over or check the sender, it comes up as something like CARD@CHSAE.COM. If you look closely, I swapped the A and the S.
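
The sender check from tip 4, together with the zero-for-O substitution quoted earlier, can also be run automatically by a mail filter. The following Python is an added example, not part of the original post; the brand allow-list, the function names and the sample headers are constructed for illustration.

```python
from email.utils import parseaddr

# Constructed allow-list (assumption): brand as shown in a display name -> real domain.
KNOWN_BRANDS = {"chase": "chase.com", "bankofamerica": "bankofamerica.com"}
# Digit-for-letter swaps such as the zero in "Bank0fAmerica".
DIGIT_SWAPS = str.maketrans("0135", "oles")


def osa_distance(a, b):
    """Edit distance that counts a swapped pair of adjacent letters as one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def check_sender(from_header):
    """Classify a raw From: header as ok, lookalike, display-mismatch or unknown."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    if not domain:
        return "unparseable", from_header
    for real in KNOWN_BRANDS.values():
        if domain == real or domain.endswith("." + real):
            return "ok", real
    # Undo digit swaps, then allow one edit (including a swapped letter pair).
    normalized = domain.translate(DIGIT_SWAPS)
    for real in KNOWN_BRANDS.values():
        if osa_distance(normalized, real) <= 1:
            return "lookalike", real
    # The display name claims a brand that the address does not belong to.
    claimed = "".join(display.lower().split())
    for brand, real in KNOWN_BRANDS.items():
        if brand in claimed:
            return "display-mismatch", real
    return "unknown", domain


if __name__ == "__main__":
    # Constructed sample headers, modelled on the two examples in the text.
    for header in ("CHASE <CARD@CHSAE.COM>",
                   "Bank of America <alerts@bank0famerica.com>",
                   "Chase <no-reply@chase.com>"):
        print(header, "->", check_sender(header))
```

A result of `lookalike` or `display-mismatch` is a reason to quarantine the message or show the full sender address to the reader, not proof of malice on its own.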

