FDIC Warns of New Threat
Fake E-mails Offer Assistance for ACH SecurityThe FDIC issued a new alert about an attack that claims retail and commercial accounts have been suspended because of suspected ACH and wire fraud. The e-mails state, "Your account ACH and WIRE transaction has been temporarily suspended for security reasons due to the expiration of your security version." The messages then go on to say that an attached PDF document contains instructions about how the business or consumer can download and install updated security versions.
The e-mails contain the attachment "FDIC_document.zip," which the FDIC warns likely unleashes malware to be installed on the recipient's PC. The fraudulent e-mails about ACH and wire accounts could be used to commit bogus ACH and wire transactions, leading to the siphoning of customer accounts.
"Financial institutions and consumers should be aware that these fraudulent e-mails may be modified over time with other subject lines, sender names and narratives," the FDIC states.
The FDIC has recently seen a number of targeted phishing scams. On Aug. 17, the FDIC was the target of a similar attack, with the subject line, "FDIC: Your business account" [See New FDIC Phishing Attack].
Earlier this week, the agency issued an alert about a different attack that targeted consumers and businesses. And last June, a separate attack encouraged recipients to click e-mailed links for details about "important information from your financial institution."