IBM Trusteer – the company that helps us bring Trusteer Rapport software to our business customers – has reported a phishing email campaign that began on May 9, 2014.
The fraudulent emails appear to come from Trusteer with the sender’s email address masquerading as firstname.lastname@example.org, an email account that is no longer in use. These emails are part of a spear phishing campaign that uses IBM Trusteer’s brand to distribute a malicious executable file.
The emails are addressed directly to recipients containing their full name and email address. The content of the message requests that recipients run the attached file in order to upgrade their IBM Trusteer Rapport software version.
Please note that IBM Trusteer will not distribute Rapport updates as email attachments.
In response, IBM Trusteer has already begun rolling out an update that will protect users from accidentally opening the malicious file. Further recommendations from IBM Trusteer are as follows:
1. Users who received this email are requested to delete it immediately.
2. Users who may have already launched the attached file should be instructed to refrain from online banking, and contact IBM Trusteer Support.
Should you have any questions, please do not hesitate to contact your Cash Management Banker or email@example.com.