Symantec experts have uncovered an interesting phishing campaign that relies on the potential victims’ curiosity to trick them into handing over their online banking credentials.
It all starts with an email that reads something like this: “We have been advised by our customer to wire $36,430 of the agreed pending transaction. Kindly confirm with your bank if you have received the money in your account.”
The emails carry an attachment represented by a file named “tt $36,430.html.” When opened, the victim is presented with an image of the payment order.
However, the image is very faint and difficult to read. In addition, after 4 seconds, the image disappears and internauts are informed that they’ve been logged out of their email accounts.
In order to view the payment order, they’re advised to sign in to their email.
When the OK button is clicked, victims are presented with a webpage that mimics the login page of a well-known bank. Here, they’re asked to provide their bank credentials or their email address.
It goes without saying that you should avoid such emails. If you want to access your online banking account, do it by typing the site’s address into the address bar yourself, not by clicking on shady-looking links.