2014 May 9 15:56 GMT
Email messages that are related to this threat (RuleID9893) may contain the following files:
> Bank Paymet.zip
The Bank Paymet.exe file size in the Bank Paymet.zip attachment is unavailable. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0xc3f0aa248ee6f79900bb2952fab66304
The following text is a sample of the email message that is associated with this threat outbreak:
> Message Body:
HSBC Bank/Payme?nt Advice
Today at 3:26 PM
This payment advice is issued at the request of our customer. Your account has been credited with an inward payment.
Please see full payment details in attached
Biz Alert Ref Number : UCC28115548
Credit Amount : USD 24,351.60
Payment Method : Telegraphic Transfer
Paying Bank : HSBC BANK USA NA
Any questions, please call our customer service hotline on (852) 2748 8288.
Please do not reply to this email. The information in this BizAlert is not and should not be construed as a recommendation, an offer to sell or the solicitation of an offer to purchase or subscribe for any investment. HSBC makes no guarantee, representation or warranty and accepts no responsibility or liability as to its accuracy or completeness. The information is for reference only and are subject to change without notice.
The information contained in this email alert is confidential. It may also be legally privileged. If you are not the intended addressee, you may not copy, forward, disclose or use any part of this message. If you have received this message in error, please delete it and all copies from your system and notify the Bank immediately by contacting our customer service hotline on (852) 2748 8288.
Email communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any error or omissions which arise as a result.
Cisco Security analysts examine real-world email traffic data that is collected from over 100,000 contributing organizations worldwide. This data helps provide a range of information about and analysis of global email security threats and trends. Cisco will continue to monitor this threat and automatically adapt systems to protect customers. This report will be updated if there are significant changes or if the risk to end users increases.
Cisco security appliances protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Email that is managed by Cisco and end users who are protected by Cisco Web Security Appliances will not be impacted by these attacks. Cisco security appliances are automatically updated to prevent both spam email and hostile web URLs from being passed to the end user.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products