The Federal Bureau of Investigation (FBI) released an advisory to warn Internet users of a new phishing campaign that relies on fake emails coming from legitimate organizations to spread a piece of malware called Gameover.
The malicious emails may come from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC) and they bare an attachment that carries a newer variant of ZeuS, the infamous Trojan designed to target bank account credentials.
Typically, the unsolicited emails warn the recipient on a problem with his bank account or a financial transaction issue.
The notifications contain a link that points to a phony website storing the Gameover malware which almost immediately infects the victim's device with the purpose of stealing banking information.
To make sure they get away with their crimes, the masterminds that launch these campaigns rely on “money mules” that perform transactions and purchase jewelry and expensive watches to launder the money.
While in many cases the mules are part of the scheme, there have been situations where innocent unsuspecting individuals are hired via “make money from home” advertisements.
In order to make everything as legitimate as possible, these unknowing mules are offered work contracts and instructed to perform bank transactions using their own accounts. This way, the money trail is harder to trace and it becomes difficult for the investigators and the banks to recover the lost amounts.
The cybercriminals also launch distributed denial of service (DDoS) attacks against the financial institutions involved to deflect attention. During this time, while the bank is focusing on mitigating the attack, the crooks can perform their illegal transactions without being observed.
Users who encounter such emails are advised to immediately contact their financial institutions to set up a credit monitoring service and file a complaint with the FBI’s Internet Crime Complaint Center.