What is the Gameover malware?
Gameover is an updated Zeus malware attack that goes after bank information. The attack takes place when malicious users send spam email to infect computers with malware, which is designed to collect bank account information from the recipient’s computer. After this malware is on your computer, it is able to steal usernames, passwords and can bypass financial institutions’ user authentications. As the name of the attack suggests, once the malware gets your information, it is “game over” for your bank account.
How it works
Spammers spread the virus to computers by sending out emails from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC) saying there is a problem with your bank account or recent transaction. A link is provided in the email to fix the problem, which then leads you to a fake website. As soon as you click the link and go to the website you also just downloaded this malware to your computer.
How to protect yourself
NACHA, FDIC, and the Federal Reserve all say they don’t send out unsolicited emails to bank account holders. So if you want to confirm there’s a problem with your account or one of your recent transactions, contact your financial institution. Do not click on any links sent via email, as these may take you to a Web site that places malicious software on your computer. Instead, enter the address that you know is legitimate into your browser. For example: Instead of clicking on the URL received in an email (such as http://www.123citi-bank-usa.com/update/yourcredentials.html), open up Firefox and navigate to Citibank’s known website: www.citibank.com.
Where can I find more info?
Visit http://www.luc.edu/uiso/protect_yourself.shtml for additional security tips.