|
|
       
|
|
Announcements [View All]
ALERT: FDIC Malware Phish CUISPA Alert 1019 FDIC Spearphish: The following FRAUDULENT EMAIL was discovered 10/19/06 at ~1:00pm ET by Hudson Valley Federal Credit Union. Overview: This email, unlike typical phishing attacks target employees of corporations/institutions using regulatory compliance as a hook to entice recipients into downloading an “FDIC system upgrade”. This official looking email does not ask for private information but instead directs viewers to a website (hosted in Mexico) that outlines a three step process to entice recipients into downloading a file in order to comply with existing FDIC regulation. Findings: According to CUISPA Affiliate member MicroSolved Inc.’s analysis, the executable contains is a known high-risk keystroke logging trojan - Delf.jq. Technical details are available at: http://www.sophos.com/security/analyses/trojdelfjq.html This attack provides an interesting twist where the attacker has shifted focus from phishing information from consumers and directed it towards compromising the institution. Recommendation: It is strongly recommended that you alert your staff and warn against following the instructions and consequently downloading the associated file. Attachment: A complete technical summary has been provided by John Brozycki from Hudson Valley FCU. Click here to get the report ..................................... CUISPA Member services (512)465-9711 ..................................... |
|
|
 |
|||||||||||
