Norman Safeground Blogs

insight, opinion & information


Beware banking malware pretending to be patch

malwareBeing infected by a computer virus is always irritating, but getting one because you’ve tried to protect your PC? That’s infuriating. Unfortunately, criminals know that they can easily fool users into downloading and running malicious code by pretending to be a security authority.

A recent email example of this type of dangerous deceit was recorded earlier this month. Its subject line (although multiple variations have been noted) suggested that the email would help users fix a potential security hole in their computer.

The sender posed as Microsoft, AVG or Kaspersky in an attempt to fool users into believing their message was from a reputable security source. It contained an explanation as to why it was important to download the email attachment, and claimed the file was “system patch KB923029” for Microsoft Windows. This patch doesn’t actually exist on Microsoft’s website.

The file is really a malicious ZIP file (identifiable as ending in .zip), which contains an application (with the file ending .exe). Running this .exe unleashes the bank data-stealing Zbot/Zeus onto your computer, which is one of the best-known bank detail-stealers on the net.

How to avoid infection

Unfortunately for the criminals, while they are excellent at exploiting systems, they’re not so good at using proper English. The emails feature numerous misspellings – a huge giveaway that the message isn’t actually from Microsoft.

If you’re unsure if an email is from a legitimate source, always be mindful of spelling and grammar mistakes. More than one typo is a big clue that the email is probably fraudulent.

Of course, the most important tip is to never download attachments that you aren’t expecting. Real companies would never send you security updates via email. Lots of malware also pretends to be emails sent from your friends, so if you’re in any doubt, don’t open the file.

Some of this advice might seem obvious, but we still need to spread awareness. For example, there was a 253% increase in online banking malware infections in the third quarter of 2013. Ouch.

This means the infection count is now beyond the 200,000 mark – a number not seen since 2002. With Zbot/Zeus rumoured to be responsible for most of these infections, everything you do really does keep down the number of infections.

So if you already know all this, tell a friend!

Tags: ,

2 Responses to Beware banking malware pretending to be patch

  1. Greg Poulter says:

    It constantly amazes me how people are so blasé when it comes to online banking! I am an IT professional with over 20 years experience at removing viruses and malware from infected systems. (I have been using and recommending Norman products since 1998!)
    People just do not understand that to be safe online is more than just a “free” Antivirus from! I’m also amazed at how many people buy an Antivirus product but either never update it (because they have limited bandwidth or it takes too long to update!)or simply disable the active scanning components because they cant download music files or that copy of Microsoft Office! I believe that these types of attacks will always be here because so many people just ignore the warnings!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>



The Author:

For Consumption Bloggers

Norman Safeground Blogs Archive