Peaches Posted February 3, 2011 Report Share Posted February 3, 2011 Bank of America Phishing Attack Delivers Spoofed Page via Trojan A new phishing attack targeting Bank of America customers spreads a trojan that opens a local spoofed page asking for personal and banking details.The attack, analyzed by security researchers from Sophos, generates email purporting to come from Bank of America and urging users to verify their billing information. Unlike traditional phishing emails which advertise a link to a spoofed page, or at least have an attached HTML document, this attack opted for an attachment called BillingVerification.exe. This is unusual, because .exe files present in email messages are much more easier to detect by anti-spam filters and antivirus programs than rogue links.Nevertheless, the executable is a self-extracting archive that drops a file under C:\bankofamerica\verification\BillingVerification.html and opens it with the default browser. The local HTML displays a fake Bank of America account verification page which contains a form for inputting personal information, as well as account and online banking details.http://news.softpedia.com/news/Bank-of-America-Phishing-Attack-Delivers-Spoofed-Page-via-Trojan-182175.shtml Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.