Malware Drive-by Infection Video: From fake FDIC message to infection

The FDIC is probably one of the most misunderstood quasi-governmental entities in America, which may account for its enduring popularity as part of malware and phishing scams. I'm not the most dedicated follower of banking news, but I did work for a bank once and I do try to keep up, yet I have never heard of a legitimate mass email campaign by the FDIC (Federal Deposit Insurance Corporation).

Nevertheless, I keep seeing emails that pretend to be from the FDIC, like the one in today's video, which leads to a website that sends you a nasty piece of Trojan code. There are a couple of things to look for in this video, including the fact that the Trojan code is downloaded onto my computer without me having to click on anything other than a link to a website. Also noteworthy is the file type used by this malware, which is .pdf.exe. This has the advantage of appearing to be a document in Adobe Acrobat format while in fact it is a program, one which is likely to turn your computer into a zombie if you execute it.
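As an added illustration (not code from the original post or from ESET), the Python check below flags file names like the .pdf.exe described above, where a document extension sits in front of the real executable one. The extension lists and the sample names are constructed assumptions, and the check also covers the related variant that pads spaces before the real extension, which goes beyond the single case in the post.

```python
import re

# Assumed lists for illustration; extend them to match your environment.
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png", "zip"}
EXEC_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs"}


def deceptive_double_extension(filename):
    """Return (decoy_ext, real_ext) when a name ends in
    <document ext>.<executable ext>, otherwise None."""
    # Windows ignores trailing dots and spaces when it opens a file,
    # so "notice.pdf.exe." still runs as an executable.
    name = filename.rstrip(". ")
    # Only the last path component matters; folder names may contain dots.
    name = re.split(r"[\\/]", name)[-1]
    parts = name.split(".")
    if len(parts) < 3:
        return None  # zero or one extension: nothing is being disguised
    # strip() catches padding such as "notice.pdf      .exe", which pushes
    # the real extension out of view in a narrow file-name column.
    decoy = parts[-2].strip().lower()
    real = parts[-1].strip().lower()
    if decoy in DECOY_EXTS and real in EXEC_EXTS:
        return decoy, real
    return None


def flag_names(filenames):
    """Return the subset of names that carry a deceptive double extension."""
    return [n for n in filenames if deceptive_double_extension(n)]


# Constructed sample names, e.g. attachment or download names from a mail
# gateway or proxy log.
SAMPLES = [
    "FDIC_notice.pdf.exe",
    "Statement.PDF      .EXE",
    "C:\\Users\\a\\Downloads\\notice.pdf.exe.",
    "C:\\my.docs\\setup.exe",
    "report.final.pdf",
    "archive.tar.gz",
]

if __name__ == "__main__":
    for hit in flag_names(SAMPLES):
        print("suspicious:", hit, deceptive_double_extension(hit))
```

With Windows' default "hide extensions for known file types" setting, the final .exe is not shown at all, which is why the check runs on the full name as received rather than on what the user sees.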

Author Stephen Cobb, ESET

