Top
image: pamminvestors.ru

Spam Domains Imitating Popular Banks Spreading Trickbot Banking Trojan

August 16, 2017

Santander Bank customers should be aware of an effective spam campaign spreading the Trickbot banking Trojan that is coming from domains similar to those used by the financial institution.

Researchers at My Online Security and the SANS Institute’s Internet Storm Center say that Santander is not the only bank domain being leveraged, and call the malicious domains “extremely plausible imitations.”

A sample of the phony domains sending Trickbot includes: hsbcdocs.co.uk, hmrccommunication.co.uk, lloydsbacs.co.uk, nationwidesecure.co.uk, natwestdocuments6.ml, santanderdocs.co.uk, santandersecuremessage.com, and securenatwest.co.uk.

Read More on Threat Post