News

JPMorgan Customers Target in Huge Phishing Campaign

JPMorgan, the No. 1 U.S. bank by assets, has confirmed that spammers have launched a phishing campaign targeting its customers. The spam-campaign is dubbed Smash and Grab and was launched on Tuesday by an unknown group. It however bears the resemblance of Eastern European cybercrime gangs and most of the infrastructure used in the campaign is located in Russia and Ukraine.

“It looks like they sent it out to lots of people in hopes that some of them might be JPMorgan Chase customers,” said bank spokeswoman Trish Wexler.

Most of the spam was stopped by filters in place by the large providers, but some will always manage to get through. And the phishing mail looks very realistic as it uses original email parts to fake it. The attack is somewhat unusual as it doesn’t just try to grab the credentials of unknowing users, it also tries to infect the PC’s with malware at the same time.

Users who click on the included malicious link are asked to enter credentials for accessing accounts with JPMorgan. Even if they do not comply with this request, the site attempts to automatically install the Dyre banking Trojan on their PCs, according to Proofpoint. Dyre is a recently discovered piece of malware that seeks credentials from customers of Bank of America Corp, Citigroup Inc and the Royal Bank of Scotland Group Plc.

Proofpoint saw about 150,000 emails from the group on Tuesday, the first day it noticed the campaign among its customers in the Fortune 500 and higher education. That makes it a moderately large campaign, but the largest attempts involve sending more than 1 million pieces of spam over a few days to Proofpoint clients, said Proofpoint’s VP of Threat Research Mike Horn.

The firm manages over 100 million email accounts. Horn said that Proofpoint quickly identified the spam and was able to stop it from infecting its customers, but was not sure how effective it was at infecting others.

Thank you Reuters for providing us with this information.

Image courtesy of Reuters.

Bohs Hansen

Disqus Comments Loading...

Recent Posts

Turtle Beach Unveils Stealth Pivot Controller for PC and Xbox

Turtle Beach has just revealed its newest innovation, the Stealth Pivot Controller, which boasts a…

16 hours ago

MINISFORUM Unveils EliteMini AI370 Desktop, Powered by AMD Ryzen AI HX 370

MINISFORUM has officially launched the EliteMini AI370, a mini desktop PC packing serious power into…

18 hours ago

STALKER 2: Heart of Chornobyl Confirms Mod Support on Xbox

Fans of STALKER 2: Heart of Chornobyl can now look forward to mod support on…

19 hours ago

Stardew Valley Creator Hits 100% Completion

Do game developers play their own games? Not always, but Stardew Valley creator Erik Barone,…

19 hours ago

Sony Shuts Down Firewalk and Neon Koi

Sony Interactive Entertainment (SIE) has announced the closure of two of its subsidiaries, Firewalk Studios…

20 hours ago

NZXT H5 Flow Starfield Limited Edition Mid Tower Case

The NZXT H5 Flow has been crafted to give you impeccable airflow, stunning aesthetics and…

23 hours ago