The email message below: "Nedbank transaction notification," has a virus or Trojan horse attached to it that will infect your Windows computer if you open it. The message was designed to trick the recipients into opening the malicious attachment, disguised as a bank transaction payment receipt.
The "Nedbank Transaction Notification" Virus Email Message
From: Nedbank business [mailto:reports @businessbanking.nedsecure.co.za]
Attachment: Payment details (document 06.04.2014).zip
Sent: 06 March 2014 06:07
Subject: Nedbank transaction notification #9062-686
Importance: High
Transaction is completed. £02292 has been successfully transfered.
If the transaction was made by mistake please contact our customer service.
Payment receipt is attached.
----------
The attachment "Payment details (document 06.04.2014).zip” contains the malicious file "Payment details (document 06.04.2014).exe".
The malicious file contains the follow threats when we scanned it for virus:
- Trojan.GenericKD.1577824
- TrojanSpy.Zbot!mzORG4zRIwE
- Trojan/Win32.Zbot
- Win32:Dropper-gen [Drp]
- Trojan.GenericKD.1577824
- TrojanPWS.Zbot.gen
- W32/Trojan.QIRO-3024
This email message was not sent by Nedbank, but by cybercriminals, whose aim is to trick the curious recipients into opening the malicious attachment that will infect their computers with a virus or Trojan horse.
Once your computer has become infected with this malicious Trojan horse, the cybercriminals behind this email message will be able to access and take control of your computer remotely from anywhere around the world. They may spy on you, use your computer to commit cybercrimes, or steal your personal and financial information.
Now, if you have already opened anyone of these malicious attachments, please do a full scan of your computer with the antivirus software installed on it. The name of the attachment may change, so be careful when opening email attachments.
If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.
Never open an attachment that has a name ending with “.exe”, because these are computer programs that can infect your computer with a virus or some other malware.
Click here for a list of email attachments you should never open, regardless of where they came from.
For a list of other virus email messages, please click here.
This fake email message is similar to the Coutts Private Bank Services Transaction and Notification and Lloyds Bank Transaction Notification email messages.