14 DAY TRIAL // Several scam advisory websites and security firms are warning users about malware-carrying emails that purport to come from Citibank Paymentech.
The emails, entitled “Merchant Statement,” read something like this:
“Attached is your Citibank Paymentech electronic Merchant Billing Statement. If you need help, please contact your Account Executive or call Merchant Services at the telephone number listed on your statement. PLEASE DO NOT RESPOND BY USING REPLY.
This email is sent from an unmonitored email address, and your response will not be received by Citibank Paymentech.
Citibank Paymentech will not be responsible for any liabilities that may result from or relate to any failure or delay caused by Citibank Paymentech’s or the Merchant’s email service or otherwise. Citibank Paymentech recommends that Merchants continue to monitor their statement information regularly.”
The file that’s attached to these emails is not a billing statement, but a piece of malware identified by Bitdefender as a variant of the notorious Zbot Trojan.
As Hoax Slayer highlights, similar emails started making the rounds at the end of 2012. At the time, the wording was slightly different and the notifications purported to come from Chase Paymentech, not Citibank Paymentech.