Debunking hoaxes and exposing scams since 2003!





Jump To: Example    Comments   References

Bendigo Bank 'Morning Update' Malware Email


Jump To: Example    Comments   References

An email professing to be a 'Morning Update' from Australia's Bendigo Bank is currently hitting inboxes.

The subject line of the email says 'Bendigo Bank Morning Update'.

The body of the email contains the name of the staff member who supposedly sent the message along with direct contact phone numbers. It also includes a typical business email disclaimer that contains the email address and phone number for Bendigo Bank.

In addition, the email includes an attached .zip file named Bendigo_Report_#[random string of numbers].zip.

Of course, the email is certainly not from Bendigo Bank and the attachment does not contain a morning update.

The .zip file harbours a malicious file that, if opened, can install a trojan on your computer. Once installed, this trojan can download and install further malware components that may steal information such as passwords from the infected computer and allow criminals to control the computer from afar.

These types of criminal campaigns are deceptively simple. They rely on natural human curiosity to trick people into infecting their computers. Less computer savvy recipients may well open the attachment without realizing the danger. Especially if they are Bendigo Bank customers.

The scammers have made the email appear a little more legitimate by including the bank's genuine email address and phone number in the email disclaimer.

Details such as the name of the supposed staff member and the direct phone numbers may vary in different incarnations of the email.

If you receive one of these emails, do not open any attachments or click any links that it contains.

   

Share







Bookmark and Share





related Links

Related Links

Identity theft is one of the fastest growing crimes in the world. Learn how to stay safe online with Hoax-Slayer's comprehensive eBook:




Example

Subject: Bendigo Bank Morning Update

[Random Name]

Bendigo and Adelaide Bank

Phone: [Random Number]

Direct : [Random Number]

Mobile: [Random Number]

********************************************************************************

This communication is intended only for use of the addressee and may contain legally privileged and confidential information.

If you are not the addressee or intended recipient, you are notified that any dissemination, copying or use of any of the information is unauthorised.

The legal privilege and confidentiality attached to this e-mail is not waived, lost or destroyed by reason of a mistaken delivery to you.

If you have received this message in error, we would appreciate an immediate notification via e-mail to [removed] or by phoning [removed], and ask that the e-mail be permanently deleted from your system.

Bendigo and Adelaide Bank Limited ABN [Removed]

********************************************************************************



Trojan

Last updated: April 9, 2015
First published: April 9, 2015
By Brett M. Christensen
About Hoax-Slayer

References
Troj/Invo-Zip
FedEx Document Malware Email






More stories!

'Internet Capacity Warning' Phishing Scam
According to this email, which claims to be from the 'Support Department' at 'Information Technology Services', your internet capacity is 70% full and you therefore need to contact support to avoid problems.
Published: July 6, 2015


Kroger 'Free Coupons' Survey Scam
Message being distributed across Facebook claims that users can receive free coupons from American retailer Kroger just by sharing a message and visiting a third party website to claim their prize.
Published: June 16, 2015


Pointless Facebook Warning - Hackers Posting Insulting Messages or Sexual Content In Your Name
'Hacker' alert messages circulating on Facebook claim that, without your knowledge, hackers are posting insulting or sexual messages that appear to come from you onto your Facebook Timeline.
Published: June 3, 2015