Sophos’s worldwide network of honeytraps are intercepting a large amount of malicious email, claiming to come from the Federal Deposit Insurance Corporation (FDIC). The emails are designed to infect recipients’ computers.
Subject line:
FDIC Notification
Message body:
Dear customer,
Your account ACH and WIRE transaction have been temporarily suspended for security reasons due to the expiration of your security version. To download and install the newest installations read the document(pdf) attached below.As soon as it is setup, you transaction abilities will be fully restored.
Best Regards, Online Security departament, Federal Deposit Insurance Corporation.
Attached to the emails is a file called FDIC_document.zip.
Sophos proactively detects the file, calling it Mal/BredoZp-B. Our advice is that you should not open the attachment as it will…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.