Important Please Complete Attached Form - National Westminster Virus Email

The "Important - Please complete attached form" Virus or Trojan horse Email

Subject: Important - Please complete attached form
Attachment: BanklineForm.zip
*********** ********************* ***************** ********************
This message has been scanned by the Bankline CSC SSM AV and found to be free of known security risks.
********** ********************* ******************* *******************

Dear Customer

Please find below your Banking Form for Bankline.
Please complete Bankline Banking Form :

- Your Customer Id and User Id - which are available from your administrator if you have not already received them. Additionally, if you wish to access Bankline training, simply follow the link below www.natwest.com/banklinetraining

If you have any queries or concerns, please telephone your Electronic Banking Help Desk.

National Westminster Bank Plc, Registered in England No. 929027.
Registered Office: 135
Bishopsgate, London EC2M 3UR.

Authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority.

This e-mail message is confidential and for use by the addressee only. If the message is received by anyone other than the addressee, please return the message to the sender by replying to it and then delete the message from your computer.

Internet e-mails are not necessarily secure. National Westminster Bank Plc does not accept responsibility for changes made to this message after it was sent. National Westminster Bank Plc may monitor e-mails for business and operational purposes.

By replying to this message you give your consent to our monitoring of your email communications with us.

Whilst all reasonable care has been taken to avoid the transmission of viruses, it is the responsibility of the recipient to ensure that the onward transmission, opening or use of this message and any attachments will not adversely affect its systems or data. No responsibility is accepted by National Westminster Bank Plc in this regard and the recipient should carry out such virus and other checks as it considers appropriate.
======

This email message attempts to trick the recipients into opening the dangerous attachment (virus), disguised as a banking form, by claiming that they need to complete the form.

The name of this malicious attachment is called BanklineForm.zip. This file "BanklineForm.zip” is a compressed or Zip file that contains the malicious file "BanklineForm.exe". It is this malicious file: "BanklineForm.exe" that is the virus or Trojan horse and will infect your computer if you open it.

When we scanned this file ("BanklineForm.exe") the following threats were found:

• W32/Trojan.RDSG-2033
• Trojan.DownLoad3.28161
• Win32/TrojanDownloader.Waski.A
• W32/Trojan3.HEB
• Trojan-Spy.Zbot
• Spyware.Zbot
• Upatre.BD
• Troj/DwnLdr-LHK

Once your computer has become infected with this malicious Trojan horse, the cybercriminals behind this email message will be able to access and take control of your computer remotely from anywhere around the world. They may spy on you, use your computer to commit cybercrimes, or steal your personal and financial information.

Now, if you have already opened this malicious attachment “BanklineForm.exe”, please do a full scan of your computer with the antivirus software installed on it. The name of the attachment may change, so be careful when opening email attachments.

If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.

Never open an attachment that has a name ending with “.exe”, because these are computer programs that can infect your computer with a virus or some other malware.

Click here for a list of email attachments you should never open, regardless of where they came from.

Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.

Note: Some of the information in samples on this website may have been impersonated or spoofed.