Dear Depositor - of the Company

 

Over the past couple of days we've been blocking a slew of emails containing malware that purport to come from the FDIC. As everyone is aware, we often see malware campaigns that pretend to come from major banking institutions, but I can't recall having seen any that come from their insurers before.

These emails contain some mediocre graphics that may have added to the illusion if the text within the body didn't immediately sound the fraud alarm. As you can read above, the composer of these emails was intentionally very generic and vague with their content. They don't address a specific recipient or a specific bank, or really say what the email is supposed to be informing you of in general. That's where the attachment comes in, for that is where all the glorious details are hiding, or so they say. In actuality, the attachment is a trojan downloader, one we've become very accustomed to: Oficla. Oficla is responsible for doing the hard work, which is tricking you into installing it, opening up the backdoor, and letting in all of its ne'er-do-well buddies. In the past these have included everything from scareware viruses to data loggers such as ZeuS and everything in between. Including this current campaign, we have seen Oficla hit our filters well over a million times this past week alone.

Oficla has certainly become a very popular family of downloaders over the past year or two and will likely stick around for a while, but rest assured that we here at AppRiver have you covered, and this blog will be the only place you see these emails.
