|JPMorgan Chase Tower (Dallas) (Photo credit: Wikipedia)|
The campaign, dubbed "Smash and Grab," was launched on Tuesday with a widely distributed email that urged recipients to click to view a secure message from , according to security researchers with corporate email provider .
JPMorgan, the No. 1 by assets, confirmed that spammers had launched a phishing campaign targeting its customers.
"It looks like they sent it out to lots of people in hopes that some of them might be JPMorgan Chase customers,” said bank spokeswoman Trish Wexler.
She said the bank believes most of the spam was stopped by filters at large Internet providers, adding that the email looked realistic because the attackers apparently used a screen grab from an authentic email sent by the bank.
Users who click on a malicious link are asked to enter credentials for accessing accounts with JPMorgan. Even if they did not comply, the site attempts to automatically install the Dyre banking Trojan on their PCs, according to Proofpoint.
Dyre is a recently discovered piece of malware that seeks credentials from customers of , and Group Plc, according to email security firm Phishme.
Proofpoint Vice President of Threat Research Mike Horn said it is unusual for spammers to infect PCs with malware while trying to persuade users to provide banking credentials because that increases the odds of detection.