Bogus e-mails from FDIC link computer users to viruses, says computer forensics expert

October 27, 2009 Bogus e-mails from FDIC link computer users to viruses, says computer forensics expert

Enlarge

Gary Warner is the UAB Director of Research in Computer Forensics. Credit: UAB

Cyber criminals are using fake messages claiming to be from the Federal Deposit Insurance Corporation (FDIC) to deliver a virus capable of stealing unsuspecting victims' bank passwords and other sensitive personal information, says Gary Warner, the director of research in computer forensics at the University of Alabama at Birmingham (UAB).

Warner says the is being delivered with one of two subject lines:

  • FDIC has officially named your bank a failed bank
  • You need to check your Bank Deposit Insurance Coverage
Warner says that once the message is opened the spam asks users to visit a specific Web site, a link to which is included in the message. Those that follow the link are taken to a page that asks them to click and download a copy of "your personal FDIC insurance file."

"Unfortunately, anyone who clicks that download link will be downloading a version of the Zeus Bot virus, which has the capacity to steal bank passwords and other financial and personal information," Warner says.

Warner and his research team in the UAB Spam Data Mine have been tracking the new spam for a number of days and report its delivery volume to be very high.

The spam claims to be from the e-mail address consumeralerts@fdic.gov, which is a real e-mail address used by the FDIC, but has obviously been forged by the malware distributors in this situation, Warner says.

"The behind this spam have gone to great lengths to mimic the logos and look of FDIC communications, including going so far as to forge an official FDIC e-mail address in an effort to confuse consumers into following links and downloading harmful programs," Warner says.

"As is the case with any agency or company e-mail, do not follow links or click downloads embedded in the messages. Instead, visit the site in question through your Web browser and log in as you normally would," he says. "If an entity has an important message for you, you'll be able to find it on its Web page.

"Legitimate companies will never ask you to download programs or enter your via an e-mail."

Source: University of Alabama at Birmingham (news : web)


print this article email this article download pdf blog this article bookmark this article     Stumble it Digg this share on Facebook retweet share on Reddit add to delicious
Rate this story - not rated yet

Rank Filter

Move the slider to adjust rank threshold, so that you can hide some of the comments.


Display comments: newest first

  • frajo - Oct 27, 2009
    • Rank: not rated yet
    anyone who clicks that download link will be downloading a version of the Zeus Bot virus, which has the capacity to steal bank passwords and other financial and personal information

    Under which operating systems?

October 27, 2009 all stories

Comments: 1

not rated yet
  • Stumble this up

  • Digg this

  • share this

  • hide

  • Related Stories

  • Computer forensics links internet postcards to virus
    created Jul 25, 2009 | popularity not rated yet | comments 0
  • Spurned spammers hack security site
    created May 11, 2006 | popularity not rated yet | comments 0
  • Image spam grows to 20 percent of spam
    created Jul 24, 2006 | popularity not rated yet | comments 0
  • 'Phishing' drops; are scammers switching tactics?
    created Aug 26, 2009 | popularity not rated yet | comments 0
  • Firm develops way to fight pictoral spam
    created May 17, 2006 | popularity not rated yet | comments 0



  • hide

  • Relevant PhysicsForums posts

  • Aspiring Engineering major looking for general answers
    created Nov 19, 2009
  • Calculating max load of square tube (steel)
    created Nov 19, 2009
  • Passive Chemical Heating
    created Nov 19, 2009
  • Shortening Boat Trailer
    created Nov 18, 2009
  • More from Physics Forums - General Engineering

Other News

China is the world's largest emitter of the greenhouse gases blamed for global warming

China harnesses mountain wind power

Technology / Energy

created 2 hours ago | popularity not rated yet | comments 0

In the mountains above the southwestern Chinese town of Dali, dozens of new wind turbines dot the landscape -- a symbol of the country's sky-high ambitions for clean, green energy.


Ubisoft steps up videogame fitness with virtual coach

Technology / Software

created 2 hours ago | popularity not rated yet | comments 0

French videogame powerhouse Ubisoft will have a virtual fitness coach whipping Wii users into shape starting Tuesday.


Hackers leak e-mails, stoke climate debate

Technology / Internet

created 13 hours ago | popularity 4.3 / 5 (18) | comments 12

(AP) -- Computer hackers have broken into a server at a well-respected climate change research center in Britain and posted hundreds of private e-mails and documents online - stoking debate over whether some scientists have ...


plug-in hybrid electric vehicle

Pulling the plug on hybrid myths

Technology / Energy

created Nov 19, 2009 | popularity 3.8 / 5 (12) | comments 17

(PhysOrg.com) -- Whether you call them myths, urban legends, fables or old wives' tales, there's a lot of misinformation out there about plug-in electric hybrid vehicles. These vehicles, abbreviated PHEVs, ...


UK police make 2 Trojan computer virus arrests

Technology / Internet

created Nov 18, 2009 | popularity 5 / 5 (1) | comments 10

(AP) -- A couple suspected of helping spread some of the Internet's most aggressive computer viruses has been arrested in the English city of Manchester, police said Wednesday.




PhysOrg Account
advanced search
  • follow with twitter
  • follow on facebook
  • read with kindle
  • customize RSS
  • physorg mobile
  • newsletter