Social Security Phish with Malware

The scam starts with an email that contains a link to the phishing site.

From: 	Social Security Administration <>
To: 	<>
Subject: 	Review your annual Social Security statement

Due to possible calculation errors, your annual Social Security statement may
contain errors.

Use the link below to review your annual Social Security statement:

Review your annual Social Security statement 

This e-mail has been sent from an auto-notification system that cannot accept
incoming e-mail.

If you click the link in the email you are presented with the following web page.  This is where they steal your social security number.

Stealing your SS#

Stealing your SS#

After that you are shown this screen. This is where the malware is delivered.

Delivering the malware

Delivering the malware

If you receive this email like this you should delete it immediately.  The malware in this case is called Zbot and is designed to steal bank account information.

Tagged with: , ,
Posted in malware, phishing, spam