If you receive an e-mail supposedly from the ‘Bank of America’, with an alleged expenses report attached, make sure you do not open it. Delete it at once.
The subject of the e-mail states that this is a ‘”statement of expenses” report notification, with a matching message inside, tagged with the ‘Bank of America’ logo on top and a short message, which supports the header line.
The e-mail in question contains an attached ZIP file named ‘report <date-number>.ZIP’. Inside the ZIP there is an executable file with a matching name.Once executed, your machine becomes yet another victim station for the Bot to continue spreading the malware around.
Since this is a ZeroDay threat, most anti-viruses do not detect it. It is important to set your e-mail client to prevent from getting such files (usually it is set by default, at least mine is), and if you do get them, by all means do not execute.
Leave a reply