14 DAY TRIAL // An email claiming to be from the Royal Bank of Canada sending payment information has been found to deliver malware in the attachment.
Opening the attached file actually launches the malicious file and infects the computer. Multiple types of subject lines are used by the cybercriminals, but they all seem to announce that a bank Interac transfer has been accepted. Interac is a banking service for transferring money that operates in Canada.
If the recipient happens to rely on Interac banking services, they would be tempted to open the attachment and release the malware on the computer system.
The name of the attached file is “INTERAC_PAYMENT_07222014.zip” and it contains an executable file with the same name.
Onlinethreatalerts checked this item and it appears that it is identified as a threat by multiple antivirus engines; some pick it up as a generic malicious file, others have assigned it a signature.
Trojans can be used for different nefarious purposes and the most prevalent is for downloading other malware on the infected machine. This can turn the computer into a bot used for delivering spam messages or for collecting and exfiltrating sensitive information.
In most cases, verifying the sender of the message in the source of the email generally provides proof of the legitimacy of the email.