Phishing Alert: Merrill Lynch

Websense Security Labs has received reports of a phishing attack that targets customers of Merrill Lynch. Users receive a spoofed email message warning of a Trojan virus hidden in a Shockwave video has been spread around the world via email. This message requests that Merrill Lynch customers log on to their accounts to allow the Merrill Lynch servers to check for infection. The email provides a link to a phishing site, which attempts to collect personal and account information.

This phishing site is hosted in Turkey and was up at the time of this alert.

Phishing email text:

MERRILL LYNCH BUSINESS CENTRE

Dear Client!

Thank you for choosing Merrill Lynch Business Centre. An advisory from Sophos Labs informed yesterday that a malware writer has been infecting thousands of computers by hiding a new Trojan variant in a cartoon video, which has been spread around the world via e-mail. The malware, identified as Troi/Agent-FWO Trojan was hidden into “Yes & No” Shockwave video, a popular cartoon created by the Italian animator Bruno Bozzetto.

Please use next link to enter the Merrill Lynch Business Centre via protected online server. The system will automatically detect infection and you will get report to your web browser during next 60 seconds.

MERRILL LYNCH BUSINESS CENTRE LOGIN < LINK REMOVED >

To log in, you must have a valid ID and password.

Once you log in to the Merrill Lynch Business Centre, you can start performing a wide range of electronic business banking activities, 24 hours a day, seven days a week. You’ll have access to your account information, Visa activity, Business Life (our online publication providing bottom-line resources for your business) and information on all of our business financing solutions.