Gone fishing… Sorry: phishing - FDIC.gov

Another phishing email. This time from FDIC, which is basically an agency independent from the Federal Government that acts as an insurer to the nation’s financial institutions. The message was coming from the following email address : Investigation@FDIC.gov. The address is a forged one, most likely with PHP as the message header also contained PHP signature. The phisher wasn’t too smart as the sender’s IP address was clearly unchanged.
The text was the following:

Dear bank account owner,
Funds wired into your account are stolen from innocent account holders through Identity Theft. Please check your account statement (the statement is attached to this letter) and contact your bank account manager. Federal Deposit Insurance Corporation

The attachment mentioned in the email body is a windows executable called statement.exe and is a badware which has only one function: to send all the saved private data to a Nigerian server.

Please do not open ANY attachment if you don’t trust the sender. If in doubt, either delete it or go to the sender’s domain and try to find details about the attachment. If you decide to delete, don’t worry, if the attachment was legit and important, you can always ask the sender to send the message again.

If you got this or similar mail, I’d be interested in how did you recognize it’s phishing, or what happened when you installed the badware or clicked the link if there was one.
Sharing your experience can help others, too, so please share your thoughts.

Share or Bookmark this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • StumbleUpon
  • Ask
  • Bloglines
  • Facebook
  • Google Bookmarks
  • LinkedIn
  • Slashdot
  • SphereIt
  • Technorati
Sphere: Related Content

2 Comments

tvpatrick  on October 9th, 2008

I received the e-mail and realized it was way too generic to be real - plus the idea of the FDIC sending me a .exe file was absurd. I did a search on the sender e-mail address and found this site. I was checking to see if anyone was requesting the message be forwarded on. This one could trick a lot a people - because people tend to worry about the status of their accounts.

methode  on October 9th, 2008

Thanks for sharing patrick,

Yes, it’s very common text, maybe too blatant as well. I think the phishers should have a bit more imagination when composing these messages. In this form they are very simple to identify as spam/phishing mail, yet extremely effective since many doesn’t realize what they are doing when they see a trustworthy email address, such as *@fdic.gov

Leave a Comment

... using your OpenID ...
(?)
... or by fill out these fields:

Privacy concerns? Read our Privacy Policy