Security researchers warn about a wave of fake emails purporting to come from the Federal Reserve and distributing a variant of the notorious ZeuS trojan.
Even though the email body contains the header and logo of the Federal Reserve, the messages were crafted to appear as originating from email@example.com.
NACHA is the Electronic Payments Association, an organization whose name has been abused in several spam campaigns lately.
The presence of that email address suggests that this spam run is the work of the same gang responsible for the NACHA ones.
The rogue emails carry a subject of "Your Wire fund transfer
" and claim that a transfer has failed. "The outgoing Wire fund transfer, a short time ago sent from your banking account, was not processed by the Federal Reserve Wire Network. Please click here to view further information,
" the messages read.
Clicking on the included link prompts users to download a file called federalreserve.report.pdf.exe which is in fact a ZeuS installer.
ZeuS is a sophisticated banking trojan designed to steal online banking credentials, as well as other personal and financial information. It is one of the most popular tools used by cyber fraudsters.
Security researchers from Barracuda Networks warn that this spam campaign is very aggressive and the amount of emails distributed is significant.
"The spam amounts are approaching many hundreds of thousands a day and although they are being delivered to a wide cross-section of Internet users, the content of the spams is aimed at users of online banking services
," the write
Users should be wary of any emails purporting to come from financial organizations and containing links. When they have reason to believe the messages might indeed be real, the best course of action is to call the institution and confirm it over the phone.