Identity Theft Articles

New Malware Program Targets Military Members for Identity Theft


According to a report from virus protection industry leader Trend Micro, members of the U.S. military are now being targeted by a piece of malware that was developed using the infamous and endlessly versatile Zeus toolkit. The first part of the scam involves an email to members of Bank of America's Military Bank who are currently serving overseas, which says that their account has been "flagged" and needs an update before it will be cleared. They are then asked to click on a link, which leads to a page that looks almost exactly like their actual Bank of America military login page. However, this page is actually hosted in Russia by hackers.

Upon arriving at the page, the user is prompted to input their name and password, the report said. However, this login screen doesn't actually require real information, and any combination of numbers and letters will send them to the next page. The second page then asks the user to download a program called "UpdateTool.exe," which is a Zeus variant.

However, most people who fall for the scam won't even be able to download it, the report said. Just by going to the second page, users have opened their computers to a number of attacks directly from their browser, and the download link is only in place in case these first measures somehow fail.

The report noted that this isn't the first time the Military Bank has been targeted by hackers. Similar campaigns were spotted in 2007 and earlier, but those attacks came before several other kinds of malicious campaigns against the military, leading some to speculate that they are ideological in nature and not purely financial, as was once thought. A wave of attacks last year used a similarly named program, but involved a fake login page for Facebook instead.

Consumers should be aware that no reputable business or organization would ever email a customer asking for personal information or directing them to visit a certain website to update their personal information. Anyone who receives a message of this type should be wary of it.