Subscribe to RSS feeds


May9
by Fatima Bancod (Email Security Analyst)

The Trend Micro Content Security Team has encountered a phishing attack similar to what affected the Bank of America and Comerica recently. The scheme, which involves a malicious digital certificate supposedly downloaded from a link found in the spammed email, is now used to fool Merill Lynch Business Centre customers.

Below is a screenshot of the spammed email message:

The visible link in the said email is a hypertext string that leads to the phishing URL
hxxp://wcma.businesscenter.mlbank.bcprivate9054.wcmaloginea.aspxsystem.meetingid.12469.
programs.dvppserv.1291logon.info/WCMALoginEA.htm. The said URL poses as the Business Centre’s home page.

Clicking on the said link connects users to a URL where they are prompted to download a required “digital certificate.” However, the phishing site is already inaccessible as of this writing.

Sunbelt also warns users in their blog that this scheme is highly likely being used for other schemes as well.



This entry was posted on Friday, May 9th, 2008 at 5:12 am and is filed under Phishing, Security . Responses are closed, but you can trackback from your own site.



Comments are closed.


More of The Same: Another Half Million Web Sites Compromised
“Drive-by Download” Takes A More Literal Meaning


 
TrendWatch Hijack This Security Tips for Consumers
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
Glossary of Threat Terms

 
© Copyright 2008 Trend Micro Inc. All rights reserved. Legal Notice