Wednesday, December 9, 2009

Fraudsters Deliver Another Round of Federal Reserve Emails

During the last week, the eSoft Threat Prevention Team has detected a number of malicious emails, allegedly from the Federal Reserve Bank. The emails warn the recipient of phishing attacks and instruct the user to follow a link for more detailed information on the threat.

The email appears to be legitimate, sporting the Federal Reserve emblem and containing a real looking domain, federalreservebank-oh.com. However, users following the link are exposed to malicious payloads, most recently the Oficla Trojan.




















Similar Federal Reserve Bank scams have been around for quite some time and are often used for phishing attacks. Example URLs contained in this newest rash of emails are shown below.




 



Always be cautious in following links in emails, particularly unexpected messages. If there is any doubt, contact the sender directly to verify the legitimacy of the message. The Threat Prevention Team is flagging these URLs as malicious, protecting SiteFilter customers from this threat. 

No comments: