Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    eBook    Contact
Bookmark and Share

Bank of America 'Transaction is Completed' Malware Emails

Emails purporting to be from Bank of America claim that a transaction has been completed and that a large sum of money has been successfully transferred. The message claims that a payment receipt is included in an attached file.

Looking for malware

© Arturo Limón Fernández

Brief Analysis
The email is not from Bank of America. The attachment contains a trojan that can steal information from the infected computer. Do not click any links or open any attachments that the email contains.

Bookmark and Share
Transaction is completed. $22336506 has been successfully transferred.
If the transaction was made by mistake please contact our customer service.
Receipt on payment is attached.

*** This is an automatically generated email, please do not reply ***
Bank of America, N.A. Member FDIC. Equal Housing Lender Opens in new window

© 2013 Bank of America Corporation. All rights reserved

Detailed Analysis

This email, which purports to be from Bank of America, informs recipients that a "transaction is completed". According to the message, a very large sum of money has been successfully transferred. The message claims that recipients can access a payment receipt about the completed transaction by opening an attached file.

However, the message is not from Bank of America. And the claims about a completed transaction are just a criminal ruse designed to trick recipients into opening the attached file. The amount of the specified transfer varies in different incarnations of the scam email. However, it is always a sum sufficiently large enough to panic some users into opening the attachment without due caution.

Opening the attachment reveals a file called "payment receipt [date].zip". Unzipping this file in turn reveals a .exe file. Running the .exe file will install a trojan on the user's computer. Typically, such trojans can steal personal and financial information from the compromised computer and send it back to the criminals operating the attack. They can also download and install more malware and allow criminals to remotely access and control the infected computer.

Another recent malware campaign consisted of fake Bank of America emails claiming to contain a merchant billing statement in an attached file. Again, the attachment contained malware.

If you receive such an email, do not open any attachments that it contains. Some versions may try to trick users into visiting a bogus website to download the malware payload, so do not click any links in such emails either.

Bookmark and Share

Last updated: August 1, 2013
First published: August 1, 2013
By Brett M. Christensen
About Hoax-Slayer

Bank of America 'your transaction is completed' spam
Bank of America Merchant Statement Malware Email

Go to Mobile Version