One of the most recent phishing raids complemented by a mass malware distribution campaign targets the US troopers who have deposited their money into accounts opened with Bank of America.
The unsolicited message besieges the military recipients with a notification about an important update of their accounts and asks them to follow a link leading to an alleged on-line form.
Figure 1 – The bombing phase – trying to “hook” the unwary users
However, the landing Web page does not belong to the financial institution; it is just an e-ambush meant to hand over soldiers’ credentials to the cybercriminals’ databases via the account.php script.
Figure 2 – The phishing ambush – stealing the login credentials
But there is more – after being villainously robbed of their login credentials, the incautious users are required to also download and install an executable of a so-called update tool, which is, in effect, just another version of the Bredolab Trojan.
Figure 3 – The malware offensive – distributing Bredolab
Among other calamities, Bredolab is probably best known for two of the most disruptive effects malware can have on computer operation – installing Rogue AV and system spying.
To avoid this cybercriminal offensive, make sure you install a comprehensive security suite that provides antispam, antiphishing and antimalware protection for your system.
Safe surfing, everybody!