U.S. military personnel is again targeted by malware-peddling cybercriminals. Fake email purportedly coming from Bank of America is asking holders of Military Bank accounts to update them by following the given link.
According to Trend Micro, the link takes them to a very faithfully recreated bank login page, where they must enter their account username and password. So far, there is no indication that this is an actual phishing page, but the possibility exists.
In any case, whatever information the victims enter, clicking on the “Sign In” button will take them to a page where an “Update Tool” is offered:
The provided executable file is actually a ZeuS variant. But even if the victims choose not to download and install it because they became suspicious at the last moment, it may be already too late. The attack doesn’t rely on manual download – it runs a multitude of browser exploits on the target systems as soon as the user lands on the page.