Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 154 - May, 2013 (2nd Edition) - Page 6

'Wire Transfer Canceled' Malware Email

Issue 154 Start Menu

Previous Article            Next Article

Outline
Email purporting to be from the US Federal Reserve claims that a wire transfer sent from the recipient's bank account was not processed and that details about the transfer can be viewed in an attached file.

Fed Reserve Wire Transfer Malware

© Depositphotos.com/Aleksandar Stojanov



Brief Analysis
The message is not from the Federal Reserve. The attachment contains a trojan that can allow criminals to hijack the infected computer and harvest personal and financial information. If you receive one of these emails, do not open any attachments or click on any links that it contains.

Bookmark and Share

Example
Subject: Your Wire Transfer 88287812 canceled

The Wire transfer , recently sent from your bank account , was not processed by the FedWire. 

Transfer details attached to the letter. 
This service is provided to you by the Federal Reserve Board. Visit us on the web at website 
To report this message as spam, offensive, or if you feel you have received this in error, please send e-mail to email address including the entire contents and subject of the message.

It will be reviewed by staff and acted upon appropriately


Wire Transfer Canceled Malware

Detailed Analysis


This email, which appears to have been sent by the US Federal Reserve, claims that a recent wire transfer sent from the recipient's bank account has been canceled and was not processed by FedWire. According to the email, the recipient can read details about the canceled transfer by opening a payment receipt contained in an attached .zip file.

However, the email is not from the Federal Reserve and the claim that a wire transfer has been canceled is a lie. The attachment does not contain a payment receipt. Instead the attached file harbours malware. Users who fall for the ruse and run the .exe file contained in the attached .zip will install a trojan on their computers. Once installed, the trojan can allow criminals to control the infected computer from afar. The malware may also collect personal and financial information and relay it back to the scammers.

The criminals responsible for such malware campaigns bank on the fact that at least a few recipients will open the attachment out of simple curiosity or because they believe that their bank account has been compromised. The scammers use a spoofed email address to make it seem that the email originated from the Federal Reserve.

If you receive one of these emails, do not open any attachments or click on any links that it contains.

Bookmark and Share

Last updated: May 1, 2013
First published: May 1, 2013
Research: Matthew T. Christensen
By Brett M. Christensen
About Hoax-Slayer

References
'wire transfer canceled' - watch out for spammed-out malware attack



Previous Article            Next Article

Issue 154 Start Menu

Pages in this issue:
  1. Facebook Page Hacker Warning Message - "Visit The New Facebook" Links
  2. Facebook Profile Viewer Scam
  3. Facebook Proposed Video Ads Message
  4. Becoming a Father or Mother Facebook Group Pedophile Warning Hoax
  5. BMW Advance Fee Prize Scam
  6. 'Wire Transfer Canceled' Malware Email
  7. Warning Message About False Widow Spider in UK
  8. Is the US Department of Defense/Pentagon/Obama Going to Court-Martial Christians?
  9. Email Exceeded Storage Limit Phishing Scam
  10. 'I'm Not Asking You to Like This' - Yet Another Sick Baby Donations For Sharing Hoax
  11. Bear Grylls Producer Snakebite Foot Injury Picture
  12. Citibank Paymentech Billing Statement Malware Emails
  13. Water Bottle Car Fire Warning
  14. Were Cages Placed Over Graves in Victorian Times to Trap the Undead?
  15. No, A Facebook Page is NOT Stealing Baby Photos of People Who Have 'Baby' On Their Walls
  16. Was an image of a Weird 'Half Cat' Captured by Google Street View?
  17. Messages Warn of 'Deadly Giant Snails' In Texas
  18. 'Facebook Online International Lottery' Advance Fee Scam
  19. Yet Another Deplorable Sick Baby Hoax
  20. ANZ 'Quick 3-Question Survey' Phishing Scam