Phishing season is always open with no bag limit or license needed

By Robert E. Holtfreter, Ph.D., CFE
Taking Back the ID: Identity theft prevention analysis

Katie Pepper, a young assistant professor in the department of criminal justice at a Midwest university, taught a variety of criminology courses, including one in white-collar crime. To help enliven her classes and broaden her students' awareness of current scams, she occasionally invited speakers to class, including local law enforcement personnel and FBI and IRS agents. Unfortunately, this didn't prepare her for what was going to happen.
Pepper became an online banking advocate when the university invited her to direct deposit her paycheck into her bank account. She was diligent in going online at least once a month to check her balance and verify her deposits and disbursements. 

She recently began to plan her travel expenditures for an upcoming conference and went online to check her balance and recent transactions to ensure that she had enough cash. To her surprise, her bank account was overdrawn, and she noticed a few withdrawals that she couldn't verify. 

Pepper immediately visited her bank to get some answers and to explain her side of the situation. A bank official was fairly confident that she was a victim of some sort of malware scam. She had been conned into a recent phishing scam carried out with a new malware appropriately called "Gameover." Pepper became an identity theft victim. 


The FBI reported the details of the Gameover phishing scam on Jan. 6 in a document called "Malware Targets Bank Accounts; 'Gameover' Delivered Via Phishing E-Mails." The Gameover malware actually is a new variant of the Zeus family of malware, which has been active in recent years in a variety of scams that typically target banking transactions.

The Zeus family of malware has survived so long because cybercriminals continually create new versions of it. They keep one step ahead of security people, who are constantly working on countermeasures to disable the current variant of the malware and to educate the public so that fewer people are victimized.

The Zeus malware normally infects a victim's computer via a phishing scheme or when a victim inadvertently clicks on a contaminated link on a website. The FBI says that the Gameover malware is appropriately named "because once it's on your computer, it can steal usernames and passwords and defeat common methods of user authentication employed by financial institutions. And once crooks get into your bank account, it's definitely 'game over.'"

Gameover's anatomy
The FBI says that the culprits send Gameover with an unsolicited spam email message purportedly from the Federal Deposit Insurance Corporation (FDIC), the Federal Reserve or the National Automated Clearing House Association (NACHA) — all prominent, well-respected U.S. institutions, which are widely known for their involvement in various types of financial transactions. The cybercriminals cleverly use these financial institutions as potential hooks to draw victims into the scam and prevent them from becoming suspicious. 

Like other banking phishing scams, the Gameover scam email message mentions that there's a problem with the recipient's bank account that needs to be resolved. Or a variant message might say that there's an issue with a recent Automated Clearing House (ACH) transaction. The message will include a link that supposedly will aid the recipient in resolving the "problem." 

Those who are familiar with email phishing scams will, of course, stop there and ignore the spam message. However, others will read on and may get hooked by clicking on the contaminated link. Bad decision. The link will take recipients to a fake website at which they'll mistakenly download the Gameover malware. Hello computer — you've been infected — and goodbye money — the perpetrators have now hijacked your owner's banking credentials. 
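The lure described above can be screened for mechanically: a message that invokes the FDIC, the Federal Reserve or NACHA but whose sender or links sit outside that institution's own domain. The following is an added example, not part of the original column or the FBI report; the domain mapping, the function names and both sample messages are assumptions constructed for illustration, and it handles only single-part plain-text mail.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Institutions the column says the lure impersonates, mapped to the
# domains assumed here to be their legitimate ones.
IMPERSONATED = {"fdic": "fdic.gov", "federal reserve": "federalreserve.gov",
                "nacha": "nacha.org"}
# Wording the column attributes to the lure: an account problem or an ACH issue.
LURE = re.compile(r"\b(ACH|account)\b.*\b(problem|issue|rejected)\b", re.I | re.S)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def in_domain(host, domain):
    """True only for the domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def triage(raw):
    """Return reasons a message looks like the impersonation lure."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    subject, body = msg.get("Subject", ""), msg.get_payload()
    text = f"{name} {subject} {body}".lower()
    findings = []
    for brand, domain in IMPERSONATED.items():
        if brand not in text:
            continue
        if not in_domain(addr.rpartition("@")[2], domain):
            findings.append(f"claims {brand} but sender is {addr}")
        for url in URL.findall(body):
            host = urlparse(url).hostname
            if not in_domain(host, domain):
                findings.append(f"claims {brand} but links to {host}")
    if findings and LURE.search(f"{subject} {body}"):
        findings.append("account/ACH problem wording")
    return findings

# Constructed sample messages (not real captures).
SAMPLE = """\
From: "NACHA Alerts" <alerts@nacha-notice.example>
Subject: ACH transaction rejected

Your recent ACH transaction was rejected. Review the problem here:
http://payments.nacha-notice.example/report
"""
BENIGN = """\
From: "NACHA" <info@nacha.org>
Subject: Newsletter

Read more at https://www.nacha.org/news
"""
```

A match is a reason to quarantine the message for review, not proof of malice: legitimate banks and news outlets also mention these institutions.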

