News

JPMorgan Customers Target in Huge Phishing Campaign

JPMorgan, the No. 1 U.S. bank by assets, has confirmed that spammers have launched a phishing campaign targeting its customers. The spam-campaign is dubbed Smash and Grab and was launched on Tuesday by an unknown group. It however bears the resemblance of Eastern European cybercrime gangs and most of the infrastructure used in the campaign is located in Russia and Ukraine.

“It looks like they sent it out to lots of people in hopes that some of them might be JPMorgan Chase customers,” said bank spokeswoman Trish Wexler.

Most of the spam was stopped by filters in place by the large providers, but some will always manage to get through. And the phishing mail looks very realistic as it uses original email parts to fake it. The attack is somewhat unusual as it doesn’t just try to grab the credentials of unknowing users, it also tries to infect the PC’s with malware at the same time.

Users who click on the included malicious link are asked to enter credentials for accessing accounts with JPMorgan. Even if they do not comply with this request, the site attempts to automatically install the Dyre banking Trojan on their PCs, according to Proofpoint. Dyre is a recently discovered piece of malware that seeks credentials from customers of Bank of America Corp, Citigroup Inc and the Royal Bank of Scotland Group Plc.

Proofpoint saw about 150,000 emails from the group on Tuesday, the first day it noticed the campaign among its customers in the Fortune 500 and higher education. That makes it a moderately large campaign, but the largest attempts involve sending more than 1 million pieces of spam over a few days to Proofpoint clients, said Proofpoint’s VP of Threat Research Mike Horn.

The firm manages over 100 million email accounts. Horn said that Proofpoint quickly identified the spam and was able to stop it from infecting its customers, but was not sure how effective it was at infecting others.

Thank you Reuters for providing us with this information.

Image courtesy of Reuters.

Bohs Hansen

Disqus Comments Loading...

Recent Posts

Electronic Arts Titles Played for Over 11 Billion Hours in 2024

Electronic Arts (EA) announced today that its games were played for over 11 billion hours…

2 days ago

Just 15% of Steam Gaming Time in 2024 Was Spent on New Releases

Steam's annual end-of-year recap, Steam Replay, provides fascinating insights into gamer habits by comparing individual…

2 days ago

STALKER 2 Gets Massive 110GB Patch With 1800+ Fixes

GSC GameWorld released a major title update for STALKER 2 this seeking, bringing the game…

2 days ago

Intel Unveils Core 200H Processors Based on the Previous Raptor Lake Refresh

Without any formal announcement, Intel appears to have revealed its new Core 200H series processors…

3 days ago

Ubisoft Reportedly Developing a New Quadruple A Game

Ubisoft is not having the best of times, but despite recent flops, the company still…

3 days ago

STALKER 2: Heart of Chornobyl Update 1.1 Fixes 1,800 Issues and Revamps A-Life 2.0

If you haven’t started playing STALKER 2: Heart of Chornobyl yet, now might be the…

3 days ago