Recent reports are showing that cybercriminals are targeting the abuse departments within financial institutions. Reports from a number of financial institutions show emails being sent to their abuse departments reporting a fake phishing email and hoping to have fraud analysts click on the click to investigate, when an attempt is then made to install malware on the users computer.
The emails have been in a similar format to the following:
From: [email protected]
Sent: Sunday, April 25, 2010 6:23 PM
Subject: Possible Fake Web Site
Hello, I just received an email stating it was from your bank and since I don’t have any accounts with you I think this is a fake site.
I just thought you might like to know someone is trying to scam your customers.
The email had the following link to your bank
http://bigtony4u.brinkster.net/tony.aspx?site=http://www.xxxBANK-BRANDxxx.com&sessionid=9291e2d4-bd41-4ae3-8b94-4cde37283ccb&task=AccountUpdate
Thanks, I hope you catch the scammers.
– Steve
More from SecurityWeek News
- Threat Hunting Summit Virtual Event NOW LIVE
- Video: ESG – CISO’s Guide to an Emerging Risk Cornerstone
- Threat Modeling Firm IriusRisk Raises $29 Million
- SentinelOne Announces $100 Million Venture Fund
- Today: 2022 CISO Forum Virtual Event
- Cymulate Closes $70M Series D Funding Round
- SecurityWeek to Host CISO Forum Virtually September 13-14, 2022: Registration is Open
- Privilege Escalation Flaw Haunts VMware Tools
Latest News
- OpenSSL Ships Patch for High-Severity Flaws
- Software Supply Chain Security Firm Lineaje Raises $7 Million
- ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding
- Vulnerability Provided Access to Toyota Supplier Management Network
- Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
- Linux Variant of Cl0p Ransomware Emerges
- VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks
- Comcast Wants a Slice of the Enterprise Cybersecurity Business
