Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo


FNBO Account Application Malware Email


Outline

Email purporting to be from First National Bank of Omaha (FNBO) claims that your account application has been received and invites you to open an attached file to view documents about your application.

Brief Analysis

The email is not from FNBO. The attachment does not contain account application documents. Instead, it the attached .zip file harbours a .exe file that, if opened, can install malware on your computer.

Example

Re: Applicant #9908541042
Hello,
Your application for an FNBO Direct account has been received. As an FNBO Direct customer, not only will you receive an exceptional interest rate, you can be confident your accounts are held by a bank established in values of trust, integrity, and security.
Please find in the attached document information concerning your application.
Copyright (c) 2014 FNBO Direct, a division of First National Bank of Omaha. All Rights Reserved. Deposit Accounts are offered by First National Bank of Omaha,
Member FDIC. Deposits are insured to the maximum permitted by law.
P.O. Box 3707, Omaha, NE 68103-0707
For information on FNBO Direct's privacy policy, please visit [Link removed]
Email ID: A0963.6

(Email included attached file with the name: 'FNBO_Direct_application_9908541042.zip')


Detailed Analysis

Email Claims FNBO Account Application Received

According to this email, which claims to be from First National Bank of Omaha (FNBO), you application for an FNBO Direct account has been received.

The message advises that information about your application is contained in an attached document.

Email is not From FNBO - Attachment Contains Malware

However, the email is not from FNBO, and the attachment does not contain account application documents.  In fact, the email is a criminal ruse designed to trick you into installing malware.

If you opened the attached .zip file, you would find that it contains a .exe file. Clicking the .exe file would install a trojan on your computer.

Typically, such malware can harvest sensitive information from the infected computer, connect to remote servers operated by criminals, and download further malware.

Uses Simple Social Engineering Tricks

Like many other malware messages, this one uses simple social engineering tricks to get people to open the attachment without due caution.

Firstly, it masquerades as a seemingly legitimate business message and uses the name of a real company.

Secondly, it attempts to panic people into clicking the attachment in the mistaken belief that a bank account has been opened in their name without their knowledge. On seeing the message, some recipients may fear that their identity has been stolen.

If you receive this message, do not open any attachments or click any links that it contains.

You can report fraudulent FNBO emails via the reporting address on the bank's website.


FNBO Malware Email

© Depositphotos.com/ stuartmiles



Last updated: October 13, 2014
First published: October 13, 2014
By Brett M. Christensen
About Hoax-Slayer

References
'Your FNBO Direct application has been received' fake email contains trojan
FNBO Email and Online Fraud