<迷惑メール>Payment Advice Advice Refウイルス感染HSBC注意

イギリスやアジアに拠点を置いているというグローバル銀行 HSBC （The Hongkong and Shanghai Banking Corporation Limited、香港上海銀行） を勝手に名乗って成りすました英語の 迷惑メール （スパムメール） を受信しています。

不正メール件名 Payment Advice - Advice Ref:[GLV410796721] / Priority payment / Customer Ref:[2000000559]
送信者 HSBC Advising Service <advising.service＠mail.hsbcnet.hsbc.com>

Dear Sir/Madam,
The attached payment advice is issued at the request of our customer. The advice is for your reference only. 無題な濃いログ
Yours faithfully,
Global Payments and Cash Management
HSBC
This is an auto-generated email, please DO NOT REPLY. Any replies to this email will be disregarded.
Security tips 無題な濃いログ
1. Install virus detection software and personal firewall on your computer. This software needs to be updated regularly to ensure you have the latest protection.
2. To prevent viruses or other unwanted problems, do not open attachments from unknown or non-trustworthy sources.
3. If you discover any unusual activity, please contact the remitter of this payment as soon as possible.
This e-mail is confidential. It may also be legally privileged. If you are not the addressee you may not copy, forward, disclose or use any part of it. If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return e-mail.
Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions. 無題な濃いログ
"SAVE PAPER - THINK BEFORE YOU PRINT!"

不正メール件名 Payment Remittance - Advice Ref:[HSBC-1096483284] / Priority payment / Customer Ref:[1029543] / Payment Advice - Advice Ref:[GLV908109269] / Priority payment / Customer Ref:[UNMATCHED] / Payment Advice - Advice Ref:[BIBAA1136382]
送信者 <e-banking＠hsbc-banking.com>
Dear Sir/Madam,
The attached payment advice is issued at the request of our customer. The advice is for your reference only. Kindly confirm safe receipt of  the attached payment note and revert back to your customer. If you have any questions regarding this payment advice, please contact the remitter of this payment as soon as possible or call: (0800) 975-4722. 無題な濃いログ
Yours faithfully,
Global Payments and Cash Management
HSBC.
This is an auto-generated email, please DO NOT REPLY
Security tips:
1. make sure you have the latest antivirus and personal firewall on your computer.
2. This software needs to be updated regularly to ensure you have the latest protection.
3. To prevent viruses or other unwanted problems, do not open attachments from unknown or non-trustworthy sources. 無題な濃いログ
This e-mail is confidential. It may also be legally privileged. If you are not the addressee you may not copy, forward, disclose or use any part of it. If you have received this message in error, please delete it and all copies from your system.
Internet communications cannot be guaranteed to be timely, secure or error-free. The sender does not accept liability for any errors or omissions. 無題な濃いログ

〔日本語で簡単な意味〕
添付の支払通知書は、お客様の要望により発行したものです。なお、本アドバイスはあくまで参考としてご覧ください。無題な濃いログ 添付の支払通知書を問題なく受領したことを確認して、お客様に返信してください。この支払通知書について質問がある場合は、支払いの送金者にできるだけ早く連絡するか、電話で問い合わせください。

そういう支払いに関してサッパリ身に覚えがなくても、迷惑メールの金銭ネタは不安を覚えて無視できなくなるユーザーさんが出現するので厄介です。

HSBC 迷惑メールでマルウェア感染

この HSBC 迷惑メールがバラ撒かれる目的が、Windows XP/7/8/10/11 パソコンをターゲットに マルウェア （コンピュータ ウイルス） を送りつけて開くよう誘う攻撃です。

マルウェアの実行ファイル .exe

【Eメールの添付ファイル】
Payment Advice.zip
└ Payment Advice.exe

Payment_Advice.zip
└ Payment_Advice.exe

【情報窃取型マルウェア FormBook】
ESET MSIL/Kryptik.ACGM Win32/Formbook.AA
Kaspersky HEUR:Trojan-Spy.MSIL.Noon.gen HEUR:Trojan-PSW.MSIL.Agensla.gen
McAfee PWS-FCZZ!3FBA81AB56C8 PWS-FCUF!9F7F327881E3
Microsoft Trojan:MSIL/AgentTesla!MTB Trojan:MSIL/Stelega.KZ!MTB

Symantec Trojan.Gen.2

Trend Micro TROJ_GEN.R002C0DH721 TrojanSpy.MSIL.NEGASTEAL.SMG

MD5 3fba81ab56c8b5004f6ac361179daba8
MD5 9f7f327881e31daf3cc6abc8995c0942

「支払い通知」 に偽装した 実行ファイルをダブルクリックして起動 することが感染の第一条件なので、セキュリティ意識がバッチリな Windows ユーザーさんは、脅威を自分で見極める 「ファイルの拡張子とウイルス対策」 の知識が試されます。

タグ ：

Windows