14 DAY TRIAL // Websense researchers have spotted an interesting cybercriminal campaign aimed at financial organizations located in Asian countries such as the United Arab Emirates, Pakistan and Nepal.
The attacks start with an email that appears to be coming from a remittance and currency exchange company. The bogus messages urge recipients to download an attached file that’s related to an “urgent money transfer.”
The file attached to the emails appears to be a harmless document, but in reality, it’s a version of the notorious ZeuS, a Trojan that’s designed to steal financial information from infected devices.
Usually, in such campaigns, tens of thousands or even hundreds of thousands of emails are sent out. However, this is a low volume campaign and the malicious emails are not designed to replicate notifications sent out by well-known financial organizations.
Additional technical details on this campaign are available on Websense’s blog.