New Phishing Campaign Impersonates Secure Messages From Banks - Secretly Delivers Malware

By ISBuzz Team
Writer, Information Security Buzz | Oct 02, 2017 09:00 am PST

Security researchers have found that cybercriminals are using a new phishing campaign that impersonates “secure messages” from private financial institutions, such as Bank of America and TD Commercial Banking, to deliver malware to unsuspecting victims. The spoofed emails claim to be secure messages from a legitimate banking institution and instruct the user to download an attached document, reply to the sender, or follow a set of instructions. They also use legitimate-looking bank domains, the institution’s logo, and even a confidentiality statement at the bottom of the email to trick the user into believing these are secure messages from their bank. IT security experts commented below.

Mark James, Security Specialist at ESET: 

“It is definitely getting much harder for the average member of the public to determine whether emails are good or bad. With emails being one of the top methods of communication these days, we have to sort through the plethora of deliveries to our mailboxes to see what is worthy of our attention.

Sadly, our means of deduction are limited to a few senses - namely Sight and ESP. The job is not easy but it’s even harder when things look right.

When the email itself appears to come from someone you trust telling you that there is a problem and offering free advice on how to fix it, your first thoughts are “why me!” - then you need a quick way to check what damage has been caused. You are of course wary of dodgy emails, but these are offering a “secure message” - a much safer way of reading emails, or so everyone tells you!

But sadly even those are not safe. The only way you can be safe is to contact the sending party by a separate means and ask them if they have sent you the message in the first place. If they have, then you’re good to go; if not, then you may have saved yourself from being scammed or even robbed.”

Lee Munson, Security Researcher at

“Phishing is big business and emails that claim to have come from financial institutions are nothing new at all.

And, just because a message claims to be “secure,” doesn’t mean that it is so.

Home users and people within the workplace need to keep their wits about them at all times as the bad guys will try anything to get hold of financial, business or personal information from which they will hope to profit.

With a small amount of education, everyone will know the tell-tale signs that the email they just received is not quite what it seems.

Points to look out for and be aware of include not clicking on links in emails unless it is clear where they lead to, never opening attachments from unknown senders, checking for obvious spelling and grammatical mistakes, not being hurried into making a rash decision, always assuming that something which appears too good to be true is, and not being afraid to verify an email sender’s identity by calling them up on a publicly available phone number.”