Banking malware targeting business customers of New Zealand banks
CertNZ have released a new advisory.
A phishing campaign containing malware is targeting business banking customers of some New Zealand banks.
The phishing emails are branded to look like invoice notifications from accounting software systems. Once a user clicks on the attachments or links in the email, malware is downloaded onto the user’s machine.
The phishing emails may have been sent up to three months ago.
The phishing emails appear to be invoice notifications. They use accounting software brands and have links to download an invoice.
The malware infects the browser and adds malicious plugins. These plugins are used to steal login credentials, as well as two-factor authentication codes. Attackers are using these stolen credentials to access the bank account and transfer money to overseas accounts.
The security of the accounting software and the banks is not affected by this campaign.
For more information please visit the CertNZ site
Browse by Date
#GigatownNSN ACN Allan Apple Basketball Blenheim Blueberry IT BlueBerryMax Broadband Business BYOD BYOT cake CBD Chamber of Commerce Chocolate Velvet CIO Magazine Cloud Cloud Office365 Champion Clutter Communications Connect_Smart Data digital tuatara ngati koata iwi e-town Fibre G.I ANT HP HP Gold Partner IaaS Internet iPad IT IT_Security iwi Management Microsoft Mobility Monitoring Nelson Nelson Giants Networking new building C&F Legal NZ Entrepreneur Office Office Office 365 Cloud Google Docs Office365 PaaS Partners Partnerships Patching performance productivity SaaS Skype SMART Solid State Drive SSD Study Nelson Support Tablet tablet PC UFB UltraFast Broadband welcome Windows 10 Windows 8 Windows XP Windows XP Support expires 2014