Sep 7, 2010 11:11 GMT

Security researchers warn of a new phishing and malware distribution attack targeting customers of Bank of America's Military Bank service.

The Bank of America Military Bank provides financial solutions tailored for the specific needs of active and retired military personnel, as well as veterans or government employees.

Romanian antivirus vendor BitDefender has issued a warning about fake emails directing Military Bank customers to a phishing website.

"This letter is to inform you that there is an update required for your Bank of America Military Bank Account, for this reason your account has been flagged. In order to update your account, please follow this link," the rogue messages read.

It looks like the attackers have timed their campaign to coincide with a real Military Bank Online service update.

An announcement posted on the website informs visitors of a system redesign and includes a link to the new version.

The fake page linked in the email is a clone of the legit site and includes the redesign announcement, which gives more credibility to the whole scam.

Users who don't pay attention to the missing SSL security elements and attempt to log into the system via this phishing page will have their online banking credentials stolen.

Furthermore, they will get redirected to a second page, which instructs them to download and execute a file called updatetool.exe.

The tool is supposedly meant to help customers update their accounts, but in reality it installs a version of the Bredolab trojan on their computers.

"Among other calamities, Bredolab is probably best known for two of the most disruptive effects malware can have on computer operation – installing Rogue AV and system spying," the BitDefender researchers explain.

Users are advised to run an up-to-date antivirus program, check for the presence of security elements like SSL when accessing sensitive websites, and call their bank about any alerts regarding their accounts received via email.