The email appears to be legitimate, sporting the Federal Reserve emblem and containing a real-looking domain, federalreservebank-oh.com. However, users who follow the link are exposed to malicious payloads, most recently the Oficla Trojan.
Similar Federal Reserve Bank scams have been around for quite some time and are often used for phishing attacks. Example URLs contained in this newest rash of emails are shown below.
Always be cautious about following links in emails, particularly in unexpected messages. If there is any doubt, contact the sender directly to verify the legitimacy of the message. zveloLABS™ is flagging these URLs as malicious, protecting zveloNET™ community users from this threat.
Author: zvelo