FDIC Warns of New Threat

Fake E-mails Offer Assistance for ACH Security
FDIC Warns of New Threat
In an ironic twist, a new phishing scheme, purporting to be from the Federal Deposit Insurance Corp., actually claims to offer assistance with ACH and wire fraud, but instead delivers malware that could enable fraud.

The FDIC issued a new alert about an attack that claims retail and commercial accounts have been suspended because of suspected ACH and wire fraud. The e-mails state, "Your account ACH and WIRE transaction has been temporarily suspended for security reasons due to the expiration of your security version." The messages then go on to say that an attached PDF document contains instructions about how the business or consumer can download and install updated security versions.

The e-mails contain the attachment "FDIC_document.zip," which the FDIC warns likely unleashes malware to be installed on the recipient's PC. The fraudulent e-mails about ACH and wire accounts could be used to commit bogus ACH and wire transactions, leading to the siphoning of customer accounts.

"Financial institutions and consumers should be aware that these fraudulent e-mails may be modified over time with other subject lines, sender names and narratives," the FDIC states.

The FDIC has recently seen a number of targeted phishing scams. On Aug. 17, the FDIC was the target of a similar attack, with the subject line, "FDIC: Your business account" [See New FDIC Phishing Attack].

Earlier this week, the agency issued an alert about a different attack that targeted consumers and businesses. And last June, a separate attack encouraged recipients to click e-mailed links for details about "important information from your financial institution."

About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 37 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.