Payment Notification Arrives With Banking Trojan

Even with the holiday season fast approaching, cybercriminals are always hard at work at trying to yank your hard-earned money from right under your nose. We recently received samples of what appears to be a malicious spam campaign involving fraudulent bank transfer notifications with banking trojans attached. The banking trojans come in zipped archives and are passed off as the banking documents that the recipient of the mail urgently need to open, according to the spammed mail.

Some of the subjects used are payment notifications, invoices, and confidential documents among others. When users opened the attached file, it executes the banking threat detected as TSPY_TRICKLOAD.N. Users affected by this malware may find their online banking accounts compromised.

Trend Micro products with anti-spam feature protect users from this threat by detecting the spam emails thus preventing the execution of the malicious file on the system. Users however should always exercise caution whenever opening mails of a similar nature, especially when they sport attachments - either verify their contents with their supposed senders via another form of communication, or delete them right off.

 SPAM BLOCKING DATE / TIME: October 22, 2016 GMT-8
  • PATTERN:2650