Fake bank emails with attachments
What happened?
Customers of Barclays, Royal Bank of Scotland, HSBC, Lloyds Bank and Santander are being targeted by hackers trying to steal their banking details, according to researchers at security company Bitdefender.
Thousands of people received a phishing email claiming to come from a tax accountant or consultant. The criminals behind it are currently using three different types of message in the scam to test which is most effective.
One email purports to be a follow-up message from a tax consultant. It asks users to download an attached archive, then provide information to complete a financial transaction. Another email contains financial documents and asks the recipient to verify them.
A third email comes with the subject line “Alert regarding penalties imposed” (see screenshot). Attached is a zipped document which, the email says, contains information about “money penalties imposed on your firm”.
In each case, downloading the attached file downloads the deadly Dyre banking trojan to your PC. First detected in 2014, Dyre hides on a victim’s PC, springing into life when the user enters personal information on a specific site – such as the password for online banking. Criminals can steal your details without you ever knowing. People who bank online in the US, Australia, France and Germany have also been targeted.
Researchers found that Dyre was targeting Microsoft Outlook users in January 2015 to send infected emails from a user’s account.
What should you do?
This is one of the most sophisticated banking-related phishing scams we’ve seen in 2015, but it still relies on the user downloading an attachment. So you should be safe as long as you don’t click any suspicious files emailed to you.
Because Dyre hackers can steal your money without you knowing, you should also check your bank statements regularly, and report any transactions that seem amiss to your bank.