Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« Fake GoDaddy Emails | Main | More Malware Lure Stew Ingredients »

August 13, 2012

More Fake Bank of America Malware Lures

The Bank of America continues to be a popular brand name abused by those crooks out there who want to trick recipients into clicking their way to infection. They got their hands on a real Bank of America email notification—most likely stolen from one of the PCs they own from a previous infection—and used it to generate a pretty convincing replica of the type of notice a BofA online banking customer might receive. In this case notice that "Your Online Statement Is Ready", timed to arrive just about when BofA online statements for consumers are, indeed, ready:

Fake B of A Online Statement Notification

You'll save yourself a lot of potential aggravation and loss by rolling your mouse pointer over the action link, as shown above. Of course then you have to recognize that the actual URL of the link appearing in the tooltip is not to BofA, but to some other site (in this case a hijacked site of a fraternity chapter). And to save you further possible aggravation (I know you can't wait to enter that URL into your browser...but please don't) the destination is one of those "WAIT PLEASE Loading..." pages whose innards attempt to load up to three obfuscated JavaScript scripts—the same script at three different compromised sites, just in case one or more of them gets found out and taken down.

Shout it from the rooftops with me: CHECK IT BEFORE YOU CLICK IT!

Posted on August 13, 2012 at 08:54 AM