JPMorgan customers targeted in e-mail phishing campaign

  • TECH
  • Friday, 22 Aug 2014

BOSTON/NEW YORK: Fraudsters are targeting JPMorgan Chase & Co customers in an e-mail "phishing" campaign that is unusual because it attempts to collect credentials for that bank and also infect PCs with a virus that steals passwords from other institutions. 

The campaign, dubbed "Smash and Grab," was launched on Tuesday with a widely distributed e-mail that urged recipients to click to view a secure message from JPMorgan, according to security researchers with corporate email provider Proofpoint Inc. 

JPMorgan, the No 1 US bank by assets, confirmed that spammers had launched a phishing campaign targeting its customers. 

"It looks like they sent it out to lots of people in hopes that some of them might be JPMorgan Chase customers,” said bank spokeswoman Trish Wexler. 

She said the bank believes most of the spam was stopped by filters at large Internet providers, adding that the e-mail looked realistic because the attackers apparently used a screen grab from an authentic email sent by the bank. 

Users who click on a malicious link are asked to enter credentials for accessing accounts with JPMorgan. Even if they did not comply, the site attempts to automatically install the Dyre banking Trojan on their PCs, according to Proofpoint. 

Dyre is a recently discovered piece of malware that seeks credentials from customers of Bank of America Corp, Citigroup Inc and the Royal Bank of Scotland Group Plc, according to email security firm Phishme. 

Proofpoint vice-president of threat research Mike Horn said it is unusual for spammers to infect PCs with malware while trying to persuade users to provide banking credentials because that increases the odds of detection. 

"Usually when they do credential phishing, that is all they do. In this case, they are throwing in the kitchen sink," Horn said. 

Proofpoint saw about 150,000 e-mails from the group on Tuesday, the first day it noticed the campaign among its customers in the Fortune 500 and higher education. 

That makes it a moderately large campaign, but the largest attempts involve sending more than 1 million pieces of spam over a few days to Proofpoint clients, he said. The firm manages over 100 million e-mail accounts. 

Horn said that Proofpoint quickly identified the spam and was able to stop it from infecting its customers, but was not sure how effective it was at infecting others. 

Horn said his firm was unsure who was behind the emails, although much of the campaign's infrastructure was in Russia and Ukraine, and the group's tactics were consistent with those of Eastern European cybercrime gangs. 

An FBI spokesman said he had no immediate comment. 

A spokesman for the US Federal Trade Commission, the key federal agency charged with fighting spam, declined comment. 

"Since FTC investigations are non public, I can’t confirm or deny whether we are looking into this issue," said agency spokesman Jay Mayfield. — Reuters 

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

hackers , JPMorgan


Next In Tech News

Instagram says some users having issues with platform
Micron kicks off dividend payments, shifts to 'opportunistic' share buybacks
AT&T's DirecTV to become standalone video business
Twitter partners with AP, Reuters to battle misinformation on its site
Google to launch own processor for upcoming Pixel phones
Ferrari boss has no fears over electric future
Facebook's Kustomer deal may hurt competition, EU regulators say
Uber, Lyft seen boosted by return of riders, but driver shortage, stubborn virus cloud outlook
Hong Kong police arrest two men in crackdown on website selling more than 30,000 upskirt photos and videos
Teenage girls in northern Nigeria ‘open their minds’ with robotics

Stories You'll Enjoy