The attack begins with a message that comes from a spoofed “Bank of America” sender (such as: RiskDept@hotmail.com, or RiskDept@msn.com). See sample below (note the very advanced date):  The attached file, BillingVerification.exe, is a self-extracting archive which contains and automatically loads an html page in the recipient’s browser. The file