A phishing campaign containing malware is specifically targeting business customers of some New Zealand banks.
The phishing emails are branded to look like invoice notifications from common accounting software. Once a user clicks on the attachments or links in the email, malware is downloaded onto the user’s machine.
CERT NZ understands that banks have been notifying their business customers if they are affected.
Note: The malware is on the infected computer. The bank’s and the accounting software’s security is unaffected.
Read more from CERT NZ