The Latest in IT Security

SendSecure Support spam: “You have received a secure message from Bank Of America”

20
Feb
2013

This fake SendSecure Support / Bank of America spam comes with a malicious attachment called secure_message_02202013_01590106757637303.zip:

Date:      Wed, 20 Feb 2013 11:23:43 -0400 [10:23:43 EST]
From:      SendSecure Support [[email protected]]
Subject:      You have received a secure message from Bank Of America

You have received a secure message.

Read your secure message by opening the attachment. You will be prompted to open (view) the file or save (download) it to your computer. For best results, save the file first, then open it.

If you have concerns about the validity of this message, please contact the sender directly.

First time users – will need to register after opening the attachment.
Help – https://securemail.bankofamerica.com/websafe/help?topic=Envelope
The zip file secure_message_02202013_01590106757637303.zip unzips into secure_message_02202013_01590106757637303.exe with a VirusTotal detection rate of 6/46. According to ThreatExpert, the malware installs a keylogger and also tries to phone home to:

blog.ritual.ca
dontgetcaught.ca

These sites are hosted on 74.208.148.35 which I posted about yesterday. Blocking access to this IP might mitigate against this particular threat somewhat.

Leave a reply


Categories

TUESDAY, SEPTEMBER 29, 2020
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments