Bank security

FBI Warns of Spear Phishing on Behalf of Truist Bank

The FBI issued a warning that threat actors began masquerading as Trusit, one of America’s largest bank holding companies. According to the investigation agency, malicious actors are using this spear phishing campaign to infect victims with Remote Access Trojan (RAT) malware.

A Beeping computer The article mentions that according to the FBI, the threat actors also designed a phishing campaign. In this malicious campaign, they spoof this financial organization with registered domains, email subjects and an app. This gives the impression that the emails are from the aforementioned legitimate financial institution.

Take a moment to stay tuned forever

Subscribe to receive weekly cybersecurity updates!

The instance

  • In February 2021, a renewable energy company was targeted. In this attack, the phishing emails asked the user to download a malicious Windows app that mimicked the legitimate Truist Financial SecureBank app. The email falsified the last step the company needed to complete the process of a $ 62 million loan.
Malicious Windows app mimicking the Truist Bank app [Source – Bleeping Computer]
  • The FBI added that the fraudulent loan amount was in line with the energy company’s business requirements. Additionally, the FBI said the phishing email also contained a link to download the app, a username and password for access.
  • The phishing email appears to be from a UK-based financial institution, stating that Truist’s loan to the victim has been confirmed and can be accessed through an app that appears to be owned by Trusit.
  • The malicious actors hosted this bogus Windows app on a registered fraudulent domain that impersonated Truist.
  • Some other financial institutions like MayBank, FNB America and Cumberland Private also appear to have been usurped by this spear-phishing campaign.
  • It has been found that the malware is deployed after users download and install the executable file in the spear phishing emails they receive. It then connects them to secure portal (.) online domain.

Financial institutions spoofed in Truist Bank identity theft
Spoofed financial institutions [Source – Bleeping Computer]
  • The FBI has informed with its warning that attackers are using this malware to record keystrokes and take screenshots of users’ screens.

This spear phishing campaign was found to have successfully impersonated other financial institutions in the US and UK as well.

It should be noted that attackers can use user login credentials to access highly sensitive organizational information, which can potentially harm their business interests. Additionally, bogus apps can be used to disguise malicious background activity running in the background.

Turn your employees into a shield against cyberthreats

Make your employees proactive against common cyber attacks with ThreatCop!

The post office FBI Warns of Spear Phishing on Behalf of Truist Bank appeared first on Kratikal Blogs.

*** This is a Syndicated Security Bloggers Network blog by Kratikal Blogs written by Rishi Khemani. Read the original post on: https://www.kratikal.com/blog/fbi-warns-against-spear-phishing-in-the-name-of-truist-bank/