May9
5:12 am (UTC-7)   |   by Fatima Bancod (Fraud Analyst)

The Trend Micro Content Security Team has encountered a phishing attack similar to what affected the Bank of America and Comerica recently. The scheme, which involves a malicious digital certificate supposedly downloaded from a link found in the spammed email, is now used to fool Merill Lynch Business Centre customers.

Below is a screenshot of the spammed email message:

The visible link in the said email is a hypertext string that leads to the phishing URL
hxxp://wcma.businesscenter.mlbank.bcprivate9054.wcmaloginea.aspxsystem.meetingid.12469.
programs.dvppserv.1291logon.info/WCMALoginEA.htm. The said URL poses as the Business Centre’s home page.

Clicking on the said link connects users to a URL where they are prompted to download a required “digital certificate.” However, the phishing site is already inaccessible as of this writing.

Sunbelt also warns users in their blog that this scheme is highly likely being used for other schemes as well.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Friday, May 9th, 2008 at 5:12 am and is filed under Phishing . Responses are closed, but you can trackback from your own site.



Comments are closed.


More of The Same: Another Half Million Web Sites Compromised
“Drive-by Download” Takes A More Literal Meaning


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice