Federal Reserve spam campaign leads to malware

A rather poorly executed but extensive spam campaign impersonating the US Federal Reserve is currently targeting online banking users.

The email, using graphics hosted by the Federal Reserve, ostensibly warns users of a failed outgoing wire fund transfer, and offers a link to further information about the matter:

Careful users will be warned by the poor spelling and unprofessional look of the email – not to mention the random email address from which the email was sent – and check the link first by rolling over it with their mouse, revealing thus that it points to an executable file trying to pose as a PDF file.

Those less alert will follow it and, if they are unfortunate enough, allow the software to run. The action will result in the infection of their computer with a variant of the information-stealing Zeus Trojan.

“It will run quietly in the background, intercepting browser traffic, watching for credentials and sending any it finds off to its command and control server,” explain Barracuda Networks researchers.