According to media reports, financial institutions are being
targeted by new mass-mailing email. The email purports to come from
a bank administrator and advises recipients to install a program,
available in the email as an attachment, to protect their bank
accounts from fraud.
Sophos has analysed several copies of the code contained in the
attached file, antikeylog2004.exe. All have been truncated and do
not contain any malicious code. Sophos has contacted the NHTCU
(National Hi-tech Crime Unit) which has also seen only truncated
attachments that will not run.
The body of the email reads:
"Dear customer,
The security of your personal and account information is extremely
important to us. By practising good security habits, you can help
us ensure that your private information is protected. Please
install our special software, that will remove all the keyloggers
and backdoors from your computer.
And will help us to prevent credit card fraud in future.
Thank you.
Best regards,
<name>"
The Bank of England, one of the many financial institutions
affected by this email, has launched an investigation. It is also
advising on its website that anyone who receives this email should
delete it.
"This is not the first attempt to try and fool computer users,
and I doubt it will be the last," explained Carole Theriault,
security analyst at Sophos. "Such an email underlines the
importance of protecting yourself by following safer computing guidelines
and keeping your anti-virus software up to date. The old saying
that you shouldn't believe everything you read rings even more true
when it comes to unsolicited emails."
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.