When criminals use computers to steal money, they don't usually go after private individuals. The average person doesn't keep a sizeable sum in a retail banking account, and they are protected by law, so banks keep a relatively close watch for unusual activity affecting personal accounts.
Instead, most computer criminals target commercial banking accounts. Not only do small and medium-sized business accounts carry much heftier balances, banks transfer more risk onto those balances. To quote the New York Times, "[business] owners often assume incorrectly that the protection they have on personal bank accounts applies to their business accounts. Many are shocked to learn that most banks do not take responsibility for unauthorised debits from business accounts."
Computer criminals are well aware of all this, and when they send out malicious spam, more often than not it is made to attract the attention of small business owners and employees. Getting malware installed on the right business computer can result in a huge payoff for the crooks. One of the most common, best targeted and most damaging families of malware is Zeus, a credential stealer that silently relays user account names and passwords back to criminals who use that information to carry out bank theft.
We're going to show you some examples of how Zeus distributors craft their messages to pique the interest of business people, along with some advice about what not to do.
A list of sample e-mails
The subjects of these e-mails tend to be about sales, orders, invoices and payments. Interesting stuff, sure to attract the attention of anyone trying to do business today. None of these are legitimate; instead, they all carry a dangerous payload.
These are the sort of subjects to treat gingerly if they appear in your inbox: Product Request, TT (telegraphic transfer) Payment, Swift money transfer, Purchase Order, Payment copy, Telex copy and Invoice, Request for Quotation, Wire transfer query and so on.
The wording is always just a bit vague, probably because these e-mails aren't intended to convey any real information; they're designed to spark users' curiosity and make them wonder about the contents.
If users drop their guard and open the attached .zip file, they will find an executable program to run. You should never, ever proceed beyond this step. In fact, Windows will ask users to confirm that they know what they are doing.
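For mail administrators, the two traits described above (a business-themed subject and a .zip attachment with a program inside) can be checked before a message reaches anyone's inbox. The sketch below is an added example, not code from the article or from any mail product; the function names, the list of executable extensions and the sample message are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

# Subject phrases taken from the article's list of lures.
LURE_PHRASES = (
    "product request", "tt payment", "swift", "purchase order",
    "payment copy", "telex copy", "invoice", "request for quotation",
    "wire transfer",
)
# Extensions Windows treats as runnable (assumed list, extend as needed).
EXECUTABLE_EXTS = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs")


def zip_executables(data: bytes) -> list[str]:
    """Return names of executable members inside a zip archive."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [n for n in zf.namelist() if n.lower().endswith(EXECUTABLE_EXTS)]
    except zipfile.BadZipFile:
        return []


def assess(raw: bytes) -> dict:
    """Report both signals; quarantine when a lure subject carries a zipped program."""
    msg = message_from_bytes(raw)
    subject = (msg["Subject"] or "").lower()
    lure = [p for p in LURE_PHRASES if p in subject]
    found = []
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(".zip"):
            found += zip_executables(part.get_payload(decode=True) or b"")
    return {"lure": lure, "executables": found, "quarantine": bool(lure and found)}


def build_sample(subject: str, member: str) -> bytes:
    """Constructed test message: a zip attachment with one harmless text member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, "placeholder, not a real program")
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content("Please see attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="document.zip")
    return msg.as_bytes()
```

Matching on the final extension also catches double-extension names such as `PO_2291.pdf.exe`, which display as documents when Windows hides known extensions.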