Issue 160 - August, 2013 (2nd Edition) - Page 17
Bank of America 'Transaction is Completed' Malware Emails
Emails purporting to be from Bank of America claim that a transaction has been completed and that a large sum of money has been successfully transferred. The message claims that a payment receipt is included in an attached file.
© Depositphotos.com/ Arturo Limón Fernández
The email is not from Bank of America. The attachment contains a trojan that can steal information from the infected computer. Do not click any links or open any attachments that the email contains.
Transaction is completed. $22336506 has been successfully transferred.
If the transaction was made by mistake please contact our customer service.
Receipt on payment is attached.
*** This is an automatically generated email, please do not reply ***
Bank of America, N.A. Member FDIC. Equal Housing Lender Opens in new window
© 2013 Bank of America Corporation. All rights reserved
This email, which purports to be from Bank of America, informs recipients that a "transaction is completed". According to the message, a very large sum of money has been successfully transferred. The message claims that recipients can access a payment receipt about the completed transaction by opening an attached file.
However, the message is not from Bank of America. And the claims about a completed transaction are just a criminal ruse designed to trick recipients into opening the attached file. The amount of the specified transfer varies in different incarnations of the scam email. However, it is always a sum sufficiently large enough to panic some users into opening the attachment without due caution.
Opening the attachment reveals a file called "payment receipt [date].zip". Unzipping this file in turn reveals a .exe file. Running the .exe file will install a trojan
on the user's computer. Typically, such trojans can steal personal and financial information from the compromised computer and send it back to the criminals operating the attack. They can also download and install more malware and allow criminals to remotely access and control the infected computer.
Another recent malware campaign consisted of fake Bank of America emails claiming to contain a merchant billing statement
in an attached file. Again, the attachment contained malware.
If you receive such an email, do not open any attachments that it contains. Some versions may try to trick users into visiting a bogus website to download the malware payload, so do not click any links in such emails either.
Last updated: August 1, 2013
First published: August 1, 2013
By Brett M. Christensen
Pages in this issue:
- Hoax - 'Lawful Interception Recovery Fee' on AT&T Bill
- Cell Phone Photos Privacy Risk Warning
- Mars, Earth - Closest Approach in Recorded History
- Deaths From Free Perfume Samples Hoax
- Image of Dog Heads On Supermarket Shelf
- Has Sylvester Stallone Announced That He Has Surrendered His Life To Christ?
- 'Unclaimed Tesco Voucher' Phishing Scam
- Is Facebook Removing A Picture Depicting A Breast Cancer Survivor's Tattooed Chest?
- ATO Tax Refund Malware Emails
- Facebook Message Warns Cutest Baby Comp Images Being Used on Sex Slave Site
- Kidnapped Hakken Boys Are Now Home Safe and Well
- Message Warns Of Requests for Photos Of Babies With Nappies Open
- Six Flags Free Season Tickets Like-Farming Scam
- Boob Melons Hoax - 'Vietnamese Gourd or Pumpkin' Images
- Faux Images - Mermaid Skeleton
- A 'Yes' Vote in an Upcoming Australian Referendum Will NOT Result in Sharia Law Being Implemented
- Bank of America 'Transaction is Completed' Malware Emails
- WhatsApp 'Servers Really Full' Hoax
- Nichole Morgan Friend Request Hacker Hoax
- BT Yahoo! Mail 'Classic Version Closing' Phishing Scam
- X Factor Australia Like Farming Scam
- Giant Rabbit Photographs
- Costco Voucher Giveaway Like-Farming and Survey Scam