Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Our friends from RSA have recently reported about the latest one-two punch employed by the infamous Rock Phish gang (also reported here and here). Best known for their easy-to-use kits that yield professional looking phishing pages, Rock Phish now introduces information-stealing malware — dubbed as the Zeus Trojan.

    This attack is reminiscent of the Bank of America phishing attack, which we reported several days ago, wherein users are prompted to install a “digital certificate” in order to access the bank’s online login page. Incidentally, the phishing page was also Rock Phish.

    And apparently there were more: Trend Micro Advanced Threats Researcher Paul Ferguson and the TrendLabs Content Security team came across a couple of malicious “certificates” detected as TSPY_PAPRAS.AC and TSPY_PAPRAS.AD. These spyware each target the Comerica and Colonial banks, respectively.

    Below are screenshots of the phishing email and Web page targeting Comerica account holders:

    Comerica email

    Comerica certificate page

    Traditional phishing involves phishers sending out email messages that lead users to a fake Web site resembling login pages of certain institutions or companies. This time they’ve made sure they can get sensitive user information even without getting users to log on to some fake page. They do this by planting a spy in users’ systems so any relevant user action can be transmitted to a remote server. Unprotected users thus stand to lose sensitive information.

    This recent development even makes it more important to remind users to be wary of clicking links in email communications, and to keep scanning engines up-to-date.

    Addtional text by Paul Oliveria

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice