JPMorgan Customers Targeted in Phishing Campaign

kim kardashian

Internet thieves are targeting JP Morgan Chase & Co. customers in an email “phishing” attack. It’s different from other email fraud campaigns in that it tries to collect information from JP Morgan while simultaneously infecting
PC’s with a virus that steals passwords from other businesses.

The criminal operation, named “Smash and Grab,” was launched last Tuesday (08/19). It sends an email that advised recipients to click to view a secure message from JP Morgan, according to researchers with Proofpoint Inc.

According to Trish Wexler, Chase representative, the bank believes most of the malevolent emails were stopped by filters at large Internet providers. She also said the emails looked credible because the hackers seemed to use a screen grab from a verified email sent by the JP Morgan.

Users who click on a link are urged to enter usernames and passwords for account access. Even if they don’t follow orders, the site tries to install the Dyre banking Trojan on their computers. Dyre, or Dyreza, is a recently exposed malware that searches for sensitive information from Bank of America Corp, Citigroup and the Royal bank of Scotland Group Plc.

Phishme reported that the malware bypasses SSL protections with the browser while stealing credentials. A CSIS Security group spokesperson added,

“The group behind Dyreza has implemented their own money mule panel which indicates that they intend to provide this as a crime-as-a-service solution or is a full circle in-house crime gang.”

Researchers fear that since Dyreza doesn’t implement advanced data encryption or file name randomization like the notorious Zeus malware, it’s only in its beginning stages.

Senior Phishme researcher Ronnie Takazowski pointed out that,

“When analyzing tools, tactics, and procedures for different malware campaigns, we normally don’t see huge changes on the attackers’ part. However, in the Dropbox campaign we have been following, not only have the attackers shifted to a new delivery domain, but they have started to use a new malware strain, previously undocumented by the industry.”


Featured image via Peter Foley/Bloomberg


About Blaine Martin

I enjoy taking in the world around me and facing the challenge of conveying news and information that is clear, timely and professional. Please like and share our articles!

Have a tip we should know?


Most Read

  1. News
    Pandora Papers Financial Leak Shows Us the Secrets of the World’s Rich and Powerful
    2 years ago
  2. Health
    US Supreme Court Rejects J & J TALC Cancer Case Appeal
    3 years ago
  3. Lifestyle
    9 Habits that Drain your Daily Focus and How to Avoid Them
    3 years ago
    Women’s Demand for Shapewear – the big Trends
    3 years ago
    Valentino Launches its Cosmetics Line
    3 years ago
  6. Health
    US Promises to Share 60 million Doses of AstraZeneca Vaccines
    3 years ago
  7. Health
    UK Offers Aid Amid Surging COVID-19 Cases in India
    3 years ago
  8. Sports
    Thousands of fans welcome Charlton funeral cortege at Old Trafford
    3 weeks ago
  9. News
    Brit left fighting for life after train derails in Argentinia
    3 weeks ago
    Dubai faces down airline rivals with $50 bln jet orders
    3 weeks ago
  11. Sunak
    UK’s Sunak brings back Cameron, sacks Braverman
    3 weeks ago
  12. Sports
    Man United’s Hojlund, Eriksen withdrawn from Denmark team duty
    3 weeks ago
  13. Health
    Autumn Sneezing Syndrome is on the rise… here’s what you can do
    3 weeks ago
  14. Canada
    Canada beat Italy to win Billie Jean King Cup for first time
    3 weeks ago

Follow @rushhourdaily: