Mar31
8:21 am (UTC-7)   |   by Macky Cruz (Technical Communications)

For the longest time now, phishers have been spamming targets with email messages that contain links to phishing sites. Last Friday, our Content Security team was able to net a phishing attempt that deviated from this “standard operating procedure.”

Here are a few examples of email messages used by this phishing attack:

Below is a screenshot of the attached HTM file’s contents:

It is a PayPal phish; the text tries to ease user apprehension with phrases such as “fortifying online security,” “safe Web browsers,” and “extra layer of security.” It then entices the user to enter his/her username and password to “learn more about these protection methods.”

Unfortunately, the information keyed in is not used to log on to PayPal or any security-related site; it is instead sent over to a certain URL via a POST transaction. Needless to say, this information can then be used by remote malicious users for their selfish ends.

This specific strain of spam mail is already detected using AS Pattern 5816. Be sure to update scan engines to ensure the fullest protection from today’s threats. Also, avoid opening attachments sent by unknown senders.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Monday, March 31st, 2008 at 8:21 am and is filed under Security . Responses are closed, but you can trackback from your own site.



Comments are closed.


April Fool’s: The Joke’s on You
Sony Playstation Network Possibly Compromised


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice