
'FDIC notification' Phishing Email

Posted: August 31, 2011

The fake 'FDIC notification' email is a spam message that distributes dropper Trojans from the Mal/Bredo family. SpywareRemove.com malware research experts have found that Bredo-based Trojans will infect normal system processes, install rogue security programs and create high-level security vulnerabilities with the use of backdoor Trojans. However, the fake 'FDIC notification' email is incapable of attacking your PC unless you've downloaded and launched the linked file attachment, so protecting your PC from these email-based attacks is a relatively simple task. Even though the fake 'FDIC notification' messages pretend to be from the Federal Deposit Insurance Corporation, the suspicious contents of the message body, including several grammatical errors, can tip you off to the email's real nature and help you avoid an infection.
 

Don't Be Swayed by the Fake 'FDIC notification' Email's Supposed Government Connections

The fake 'FDIC notification' email is just one of several fake email messages that are used to spread dropper Trojans from the Bredo subgroup. Although the SpywareRemove.com malware research team has noted that the fake 'FDIC notification' email itself is used to propagate Mal/BredoZp-B, other forms of spam can spread Mal/BredoZp-E, Mal/BredoZp-K or virus injection tools like VirTool:Win32/Injector. These Trojans can vary slightly in behavior, but their basic tactics are all the same: they infect Windows components and then proceed to install other types of harmful software, especially fake security products.
 
The phishing 'FDIC notification' email uses a convincing 'noreply@fdic.gov' sender field, but the message text that accompanies it is somewhat less convincing:
 
Dear customer,
Your account ACH and WIRE transaction have been temporarily suspended for security reasons due to the expiration of your security version. To download and install the newest installations read the document (pdf) attached below.
As soon as it is setup, you transaction abilities will be fully restored.
Best Regards, Online Security departament [sic], Federal Deposit Insurance Corporation.

 
The fraudulent nature of the phishing 'FDIC notification' messages can be seen in the various grammatical errors and typos that this spam message contains. Since the fake 'FDIC notification' email isn't affiliated with the actual Federal Deposit Insurance Corporation, you don't need to worry about any account-related problems and can delete the 'FDIC notification' spam without any further trouble.
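The inconsistencies described above can also be checked mechanically at the mail gateway. The following Python code is an added example, not part of the original article: it flags a message whose From domain disagrees with its envelope sender, that has no SPF pass, or whose body promises a PDF while the attachment is an archive. The Return-Path, Authentication-Results header, relay domain and attachment bytes in the sample are constructed; only the sender address, the body wording and the FDIC_document.zip file name come from the page.

```python
import email
from email import policy
from email.utils import parseaddr

# Constructed sample: relay domain, SPF verdict and attachment bytes are invented;
# From address, body wording and attachment name are taken from the article.
SAMPLE_EML = """\
Return-Path: <bounce@mailer.example>
From: FDIC <noreply@fdic.gov>
Subject: FDIC notification
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mailer.example
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="us-ascii"

To download and install the newest installations read the document (pdf) attached below.
--b1
Content-Type: application/zip; name="FDIC_document.zip"
Content-Disposition: attachment; filename="FDIC_document.zip"
Content-Transfer-Encoding: base64

UEsFBgAAAAAAAAAAAAAAAAAAAAAAAA==
--b1--
"""

def domain(msg, header):
    # Domain part of the address in the given header, or "" if absent.
    return parseaddr(str(msg.get(header, "")))[1].rpartition("@")[2].lower()

def triage(raw):
    """Return the reasons a message deserves quarantine (empty list: none found)."""
    msg = email.message_from_string(raw, policy=policy.default)
    reasons = []
    from_dom, env_dom = domain(msg, "From"), domain(msg, "Return-Path")
    # The From header is free text chosen by the sender; the envelope sender
    # and the receiving server's SPF verdict are harder to forge.
    if env_dom and from_dom != env_dom:
        reasons.append(f"From domain {from_dom} differs from envelope domain {env_dom}")
    if "spf=pass" not in str(msg.get("Authentication-Results", "")).lower():
        reasons.append("no SPF pass recorded for this message")
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().lower() if body else ""
    names = [(a.get_filename() or "").lower() for a in msg.iter_attachments()]
    # The lure promises a PDF, but what is attached is an archive.
    if "pdf" in text and any(n.endswith((".zip", ".rar", ".7z")) for n in names):
        reasons.append("body promises a PDF but the attachment is an archive")
    return reasons
```

Calling `triage(SAMPLE_EML)` returns all three reasons for the constructed message; a message with matching domains, an SPF pass and no archive attachment returns an empty list.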
 

What to Do When a Trojan Brought on by Spam Gets Into Your PC

If you've downloaded and installed the FDIC_document.zip file attachment, your PC has been infected by the dropper Trojan Mal/BredoZp-B. Although protection against this Trojan has been available since 2010, SpywareRemove.com malware experts have found several updates to Mal/BredoZp-B as recently as 2011. If your anti-malware applications don't already have up-to-date threat definitions, you may want to update them to protect yourself from spam-related Trojan attacks.
 
Attacks that 'FDIC notification' email-related Trojans can cause include but aren't restricted to the list below:

  • The infection of svchost.exe, which is standard behavior for all Trojans from the BredoZp family. Although svchost.exe will run by default in any Windows environment, you may be able to notice a potentially infected svchost.exe if excessive memory is used.
  • Trojans may also install rogue security programs. The list of known scamware that's distributed by the phishing 'FDIC notification' email and Trojans from the same family includes UltimateCleaner, System Security, Security Shield, WinWebSecurity, Antispyware Pro 2009, Security Tool and (a fake) MS Removal Tool.
  • Lastly, Trojans are also used to install backdoor Trojans, particularly Trojans from the Cycbot family. These Trojans will reduce your security by attacking your firewall, network ports and system settings. These attacks will, in turn, allow criminals to access your PC and potentially force it to perform self-destructive or illegal acts.

If you suspect that you have a Trojan on your PC, be ready to use a good anti-malware program to remove it, since such a Trojan is difficult to detect or delete by manual methods.


Technical Details

Additional Information

The following messages were detected:

#   Message
1   Dear customer, Your account ACH and WIRE transaction have been temporarily suspended for security reasons due to the expiration of your security version. To download and install the newest installations read the document(pdf) attached below. As soon as it is setup, you transaction abilities will be fully restored. Best Regards, Online Security departament, Federal Deposit Insurance Corporation.
