Bank of America Spam Message Leads to WordPress Site that Delivers Ransomware

 Analysis by: Cedrick Ramos

A spam campaign is sending a huge volume of email messages that demand payment of a debt in order to avoid going to court. These spammed messages pretend to be from the credit or lending department of a bank such as Bank of America. They claim that the said department investigated your payment records. The message also urges the user to click on a link to access the full report and recommendations on resolving the issue. Users who click on the link are led to a possibly compromised WordPress site. Once accessed, the site downloads malware onto the user's system. As of this time, it is downloading ransomware.

Users are always advised to read messages carefully before taking any action. Trend Micro product users are protected from the threats this spammed message brings, as the Smart Protection Network reputation technologies work hand-in-hand to block the spam, block access to the malicious site, and prevent execution of the ransomware.

 SPAM BLOCKING DATE / TIME: November 30, 2016 GMT-8
 TMASE INFO
  • ENGINE:8.1
  • PATTERN:22734