The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of fraudulent e-mails that appear to be from the FDIC and contain an infected attachment.
The fraudulent e-mails have addresses such as “email@example.com” or “firstname.lastname@example.org” on the “From” line. The message appears, with spelling and grammatical errors, as follows:
Subject line: “FDIC notification”
Message body: “Dear customer, Your account ACH and WIRE transaction have been temporarily suspended for security reasons due to the expiration of your security version. To download and install the newest installations read the document(pdf) attached below. As soon as it is setup, you transaction abilities will be fully restored. Best Regards, Online Security departament, Federal Deposit Insurance Corporation.”
The e-mails contain an attachment “FDIC_document.zip” that will likely release malicious software if opened. These e-mails and attachments are fraudulent and were not sent by the FDIC. Recipients should consider these e-mails an attempt to collect personal or confidential information, or to load malicious software onto end users’ computers. Recipients should NOT open the attachment.
Consumers should be aware that these fraudulent e-mails may be modified over time with other subject lines, sender names, and narratives. The FDIC does not directly contact consumers, nor does the FDIC request bank customers to install software upgrades.
-Reprinted from FDIC