The JPMorgan customers are being targeted by the fraudsters in an email "phishing" campaign that is unusual as it attempts to collect credentials for that bank and also infect PCs with a virus that steals passwords from other institutions.
Go deeper with GlobalData
According to security researchers with corporate email provider Proofpoint, the campaign, dubbed "Smash and Grab," was launched with a widely distributed email that urged recipients to click to view a secure message from JPMorgan.
US-based JPMorgan has confirmed that spammers had launched a phishing campaign targeting its customers.
Bank’s spokeswoman Trish Wexler told Reuters, "It looks like they sent it out to lots of people in hopes that some of them might be JPMorgan Chase customers."
She said the bank believes most of the spam was stopped by filters at large internet providers, adding that the email looked realistic because the attackers apparently used a screen grab from an authentic email sent by the bank.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataAccording to Proofpoint, users who click on a malicious link are asked to enter credentials for accessing accounts with JPMorgan. Even if they did not comply, the site attempts to automatically install the Dyre banking Trojan on their PCs.
Email security firm Phishme stated that Dyre is a recently discovered piece of malware that seeks credentials from customers of Bank of America, Citigroup and the Royal Bank of Scotland Group.
