Monday, 3 November 2008
"Colorado Business Bank - Network Security and Monitoring"
These banks get more obscure all the time, but still carry the same sort of malicious payload.
Subject: Colorado Business Bank - Network Security and Monitoring
From: "Colorado Business Bank Account Service" email@example.com
COLORADO BUSINESS BANK NOTICE:
Colorado Business Bank has registered our secure Web sites with VeriSign and use VeriSign Server IDs.
VeriSign Server IDs enable you to verify the authenticity of our secure Web site and to communicate with our Web site securely via SSL (Secure Sockets Layer) encryption.
Proceed to customer service department>>
Sincerely, Everett Torres.
Copyright - Colorado Business Bank, a part of COBIZ BANK.
VirusTotal detections are the usual mixed bag. Most detections seem to be generic (e.g. W32/Packed_FSG.D, TR/Crypt.FSPM.Gen, Trojan.Win32.Packed.gen, TrojanDownloader:Win32/Suceret.gen!A).