By Mark Huffman

October 28, 2009
The Federal Deposit Insurance Corporation (FDIC) warned this week that cyber criminals are using fake messages claiming to be from the FDIC to steal victims' financial data.

Computer experts at the University of Alabama Birmingham have figured out how the scam works. They say the messages deliver a virus to victims' computers. The virus is capable of stealing unsuspecting victims' bank passwords and other sensitive personal information.

The victim first receives a spam email with the subject line suggesting that FDIC has closed their bank. The FDIC, of course, never sends such emails.

Once the message is opened the spam asks users to visit a specific Web site, a link to which is included in the message. Those that follow the link are taken to a page that asks them to click and download a copy of "your personal FDIC insurance file."

"Unfortunately, anyone who clicks that download link will be downloading a version of the Zeus Bot virus, which has the capacity to steal bank passwords and other financial and personal information," said Gary Warner, the director of research in computer forensics at UAB.

Warner and his research team in the UAB Spam Data Mine have been tracking the new spam for a number of days and report its delivery volume to be very high.

The spam claims to be from the e-mail address, which is a real e-mail address used by the FDIC, but has obviously been forged by the malware distributors in this situation, Warner says.

"The cyber criminals behind this spam have gone to great lengths to mimic the logos and look of FDIC communications, including going so far as to forge an official FDIC e-mail address in an effort to confuse consumers into following links and downloading harmful programs," Warner said