This Trojan uses spoofing technology. It is a fake HTML page. It is designed to steal confidential information from BB&T clients. This Trojan was originally mass mailed.
The Trojan arrives in the guise of an important email from BB&T:
The email contains a link which exploits the Frame Spoof vulnerability in Internet Explorer.
If the user clicks on the link, visits the site, and enters his/ her account details, they will be sent to the remote malicious user, who may then have full management rights to the user’s profile.
The Frame Spoof vulnerability (MSO4-004) is present in Microsoft Internet Explorer 5.x and 6.x. Microsoft published a describing the vulnerability and how to recognize such fake links.