Alert: Fake BancorpSouth Emails Trick Users to Malware-Infected Websites

Online banking has made life a whole lot easier, there's no denying that. This is especially true if your bank of choice is out of the way from work or from your usual route home.

There's a new breed of email scams that's currently on the prowl right now for clueless victims who happen to have accounts with BancorpSouth. The bank is a rather large bank, with over three hundred branches located all through the country, including Alabama, Arkansas, Florida, Louisiana, Mississippi, Missouri, Tennessee, and Texas.

Security researchers from AppRiver report that emails purportedly from the predominantly-Southern based bank are being sent out to hundreds of thousands of emails, informing them of a potential security alert that has to do with their account.

This message is mailed to you regarding your online banking user password has been expired. Set up a new password by following these steps: 1. Log into your online banking by our secure link for Expired Password and entering the temporary password below.

-- BancorpSouth scam emails

If the way the email message is worded isn't warning enough, then the link to where the email leads to should provide another clue. But if the recipient doesn't catch on and clicks on the provided link, well, that's when all hell breaks loose.

The user is redirected through a series of domains and is eventually served the notorious Blackhole toolkit. This particular version utilizes Java exploit Java/CVE-2012-0507.BB. This trojan will read cookies and history logs, and tweaks browser network configurations to really take you for a spin.

A unique feature of the malware is that it self-destructs if it detects the presence of a debugger on the machine. It's a pretty smart move on the part of the malware coders, since developers won't be able to study them in this way.

As always, keep your computer safe by installing an anti-virus program and keeping it updated.