1 min read

Citibank Paymentech Electronic Merchant Billing Statement Spam Infects Users with ZBot

Loredana BOTEZATU

May 07, 2013

Citibank Paymentech Electronic Merchant Billing Statement Spam Infects Users with ZBot

New spammed malware campaign aims at Citibank Paymentech clients to collect passwords and open backdoors for remote attackers to dispose of compromised systems at will.

This new campaign consists of random e-mails allegedly sent by a Citibank billing department. The electronic messages deliver as attachment an archived document hiding an executable malicious file.

In the body of the message, scammers ask recipients to avoid sending a direct reply and to look instead for contact details in the attached Statement ID (plus a string of random numbers).

Instead of a billing statement, the attachment contains one of the numerous variants of the Zbot malware ready to disable the system’s firewall, snatch passwords and open backdoors so remote attackers can reach and control the compromised machines and download further malware.

Bitdefender detects the attachment as Trojan.GenericKD.973769 and protects its customers from the menace.

Hoax Slayer reported a similar attack against Citi customers here.

It’s been barely three months since the last spam campaign targeting Citi customers for sensitive data serving people e-mails with “You have received a secure message” that was delivered with a dangerous securedoc.zip attachment.

The e-mail message in the current campaign is sloppy and messy, which should give even the untrained eye a sense of distrust and discourage readers from opening the malicious attachment.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

This article is based on the spam samples provided courtesy of Daniel ICHIM, Bitdefender Spam Researcher.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read
Homoglyph domains used in BEC scams shut down by Microsoft Homoglyph domains used in BEC scams shut down by Microsoft
Graham CLULEY

July 22, 2021

3 min read
China Sets Up New Worrying Vulnerability Disclosure Rules China Sets Up New Worrying Vulnerability Disclosure Rules
Silviu STAHIE

July 20, 2021

1 min read