14 DAY TRIAL // Now that many Target and Neiman Marcus customers are concerned about the safety of their identities and bank accounts, cybercriminals know that it’s a perfect time to revive an old Experian-themed spam campaign.
The emails spotted by ThreatTrack Security carry the subject line “IMPORTANT - A Key Change Has Been Posted,” and they read something like this:
“A key change has been posted to one of your three national Credit Reports. Each day we monitor your Experian®, Equifax and TransUnion Credit Reports for key changes that may help you detect potential credit fraud or identity theft.
Even if you know what caused your Report to change, you don’t know how it will affect your credit, so we urge you to do the following: View detailed report by opening the attachment. You will be prompted to open (view) the file or save (download) it to your computer. “
The file attached to the emails is not a detailed report and it has nothing to do with Experian. Instead, it’s a piece of malware. More precisely, it’s a variant of the Upatre downloader, which retrieves other threats, including the ZeuS banking Trojan, to infected devices.
Variants of this spam email were seen making the rounds in March and April 2013.
Target is offering customers whose payment card data has been compromised in the recent breach one year free identify protection services with Experian. This makes it a perfect opportunity for scammers and cybercriminals to launch Experian-themed campaigns.
Unfortunately, Target isn’t doing a very good job when it comes to notifying impacted customers via email. The alerts are sent out even to people who have nothing to do with the retailer, and even spam traps.
Users are advised to be cautious when receiving communications related to the Target data breach.