Gladiator Research and Security

The FDIC has issued an advisory warning consumers and financial institutions about a new email phishing scheme purportedly from the Federal Reserve Bank.  The email claims there are new restrictions in place for wire transfers, and provides a link to two websites providing more information.  These sites attempt to download malicious Trojans onto victim PCs.  A copy of the phishing email can be seen in the FDIC advisory linked below.  As always, Gladiator recommends that users do not click on links contained in unsolicited email.  If you already received this phishing email and clicked on one of the links, Gladiator recommends that you run a full antivirus scan of your PC.  Furthermore, you can try running a malicious software removal tool, such as Malware Bytes Anti-Malware, in an attempt to find any other unwanted programs.

Happy Halloween, everybody!  This is a great holiday that brings out the kid in all of us.  Unfortunately, it also brings out the email forwards with games that could be more “trick” than “treat.”  Malware authors are quick to take advantage of any holiday to send us fun, new ways to spend our free time.  In this case, our free time may be spent cleaning up some new spyware or trojans.  CRN has a nice piece on Halloween malware from the past few years.  I suggest you check it out and let your employees know to beware of email forwards with Halloween subjects.

Related Links:

• CRN: 9 Scary Halloween Tricks (http://www.crn.com/security/211800350)

Dark Reading, an IT security website, recently released an article on the new dangers of social engineering in this current time of financial difficulties. Specifically, the article warned of the dangers of spear phishing directed at financial institutions [spear phishing is a targeted social engineering attack directed at a specific company].  New attacks are preying on people’s fears over the current economy.  Financial institutions are seen as particularly vulnerable to these attacks since employees are more concerned with job security and institution performance in a weaker economy.  Auditors are finding it easier to trick employees by claiming to be federal regulators or by sending emails with information on how the institution is gaining ground on competitors.

GSA Reference Number: AD080512-01

Simply Put: A new phishing scam is currently making its way around the internet. Phishers are sending out email which appears to come from the IRS with information on your 2008 Economic Stimulus Refund. The email requests that you fill out an online form with your personal information so the check can be directly deposited in your bank account. The link to the form is included in the email. This email is not from the IRS, and is designed to steal a person’s identity.

GSA Reference Number: AD080116-01

Simply Put: A new phishing attack has been targeted to customers of a financial institution in Italy. This attack is unique because it links to the institution’s actual website instead of using a fake website like most phishing attacks. Once the customer clicks on the link in the email, they are directed to the institution’s website to log on. However, an attack embedded within the link allows the attacker to capture the username and password as the user logs in. The username and password are recorded by the attacker for future use.

GSA Reference Number: AD071129-01

Simply Put: The Department of Homeland Security has alerted on a new wave of attacks directed toward corporate networks. Users are receiving emails containing Trojan horses or are directed to malicious websites. The sites are using “zero-day” vulnerabilities, meaning there are no patches or network IPS signatures available at this time to protect against the specific attacks that are in use.