Fake Banking Email Targets Your Wallet, Computer
A new spin on an old cybercrime ploy is using a devious fake warning about users' bank account info to trick them into opening their wallets.
Scam emails are spreading around the Web claiming to contain an important financial statement regarding users' bank accounts, researchers at the security firm BitDefender reported.
The supposed important info is located in what looks to be a Microsoft Word attachment called "Financial_Statement.exe," BitDefender said. (Similar scams use a "Postal_document.exe" attachment.)
For the average computer user, especially one who relies on the Internet for online banking, a message about your finances will most likely get your immediate attention, and put you square in the cybercriminals' sights.
However, the financial statement attachment has no sensitive info from your bank; instead, it has a Trojan that copies itself onto your system.
Like most dangerous Trojans , its presence on your computer heralds stormy seas ahead.
In this case, the rogue attachments attempt to trick users into purchasing anti-virus software they don't need.
"The application floods the screen with lots of warning pop-ups to scare the user into buying a useless disinfection tool," BitDefender wrote.
The offending Trojan also shuts down programs and informs victims that the programs are infected with a virus.
BitDefender warns users to never open suspicious email attachments, especially if they come from a bank, as banks will never send unsolicited emails about your financial information.
It's also recommended that users install and regularly update anti-malware and anti-virus software to proactively take a stand against these types of scams.