A malware-spreading spam campaign targeting Citi Group customers is underway, so if you are one, be on the lookout for an email alerting you to the receipt of a "secure message" (click on the screenshot to enlarge it): "The emails include a link and an attachment.
Symantec researchers have recently spotted an email phishing campaign impersonating the accounting department of a random firm.
It's already common knowledge that major commercial bank in the U.S.
Analysis of a malicious Apache module, detected by ESET as Linux/Chapro.A, found that the world's most widely used web server, Apache, is being used to carry out these attacks, injecting malicious content into web pages served by an infected Linux server, without the knowledge of the website owner.
CitiBank customers are advised to tread carefully through their email inboxes as fake credit card statements sporting the bank's name could be waiting for them: The emails contain “Your Citi Credit Card statement is ready to view online” in the subject line, and the attackers count on the large fake negative balance to make users follow the offered link, which will take them to a website hosting the Blackhole exploit kit.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.