ABSA Global business customers certificate update
Received-SPF: none (domain of yahoo.com does not designate permitted sender hosts)
Authentication-Results: mta1102.mail.ir2.yahoo.com from=yahoo.com; domainkeys=neutral (no sig); from=yahoo.com;
dkim=neutral (no sig)
Received: from 127.0.0.1 (EHLO highway.telekom.at) (184.108.40.206)
by mta1102.mail.ir2.yahoo.com with SMTP; Mon, 17 Mar 2014 07:46:21 +0000
Received: from tbuhautidtbtjauhivhtegvth (192.168.1.78) by tbuhautidtbtjauhivhtegvth. (220.127.116.11) with Microsoft SMTP
Server id 8.0.685.24; Mon, 17 Mar 2014 08:46:14 +0100
Date: Mon, 17 Mar 2014 08:46:14 +0100
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:18.104.22.168) Gecko/20101103 Thunderbird/3.1.6
Subject: ABSA Global business customers certificate update
On March 14, 2014 server upgrade will take place. Due to this the system may be offline for approximately half an hour.
The changes will concern security, reliability and performance of mail service and the system as a whole.
For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure.
This procedure is quite simple. All you have to do is just to install new server certificate attached to the letter.
Thank you in advance for your attention to this matter and sorry for possible inconveniences.
System Administrator ABSA Global
The biggest giveaway that this e-mail is not from ABSA.
Right and this helps us how? Did you notice that you sent this e-mail on the 17th of March 2014. Folks, do you see how easy it is to spot the scam by just keeping your eyes peeled and paying attention to the basic common knowledge stuff. You don't need a masters degree in hacking to see that this is a scam.
This sentence just doesn't sound right, doesn't sound like anything that would come from a bank. Browsers and mail clients does not need some SSL update procedure, if they need an update the developer of the browser or mail client will issue the update, not your bank.
All you have to do is delete this e-mail immediately. No bank will send you some executable file via an e-mail to install some kind of update or server certificate.
File attached to e-mail: ABSA certificate update.zip
Zip file contains executable: ABSA certificate update.exe
Exe file infected with: Trojan Horse ZBot
The ZBot (or Zeus) Trojan is well known for collecting sensitive information from its victims, specifically banking information.
Related Cyber Criminal Profiles:No related profiles found.
Similar Spam Examples:ABSA Excess Charges Refund Banking Phishing Scam
Banking Phishing Scam - Your Pending EFT Payment!!!
ABSA Bank Phishing Scam - Authorized EFT Payment Received
SARS Efiling / ABSA Payment Notification Phishing Scam
ABSA Banking Phishing Scam - 2012 - SARS PAYMENTS