The Members Forum

Members Login
Username 
 
Password 
    Remember Me  
Post Info TOPIC: Popular brands impersonated in latest malware campaign


Administrator / Manager

Status: Offline
Posts: 2499
Date:
Popular brands impersonated in latest malware campaign
Permalink   


Multiple vendors are reporting on a currently ongoing scareware and client-side exploits serving, spam campaign, brand-jacking Best Buy, Chase, Macy’s, Target.com and Evite.

The payments-themed campaign is enticing users into clicking on on a malicious link which attempts to exploit client-side vulnerabilities targeting Java, Acrobat Reader etc. in between loading a scareware-serving page (antivirus_24.exe), tricking users into thinking they’re infected with malware.

Sample subjects include:

  • “Thank you for scheduling your online payment”
  • “Thank you for your payment”
  • “Thanks for planning your event with Evite”
  • “Your Target.com order has been shipped”
  • “Thank You, Your Anti-Virus Protection Plan has been renewed”

This campaign is directly related to last month’s “Malware Watch: Malicious Amazon themed emails in the wild” campaign, as well as to the Xerox WorkCentre Pro scanned document themed campaign, with both campaigns managed by the same cybercriminals.

Windows users are advised to keep their 3rd party applications and browser plugins up-to-date, use least privilege accounts, securely handle active content, or completely isolate their Internet activities, in order to mitigate a huge percentage of the risk posed by such attacks.

ZDnet has the details HERE!



__________________

http://www.mycomputerplayground.com
http://www.digitaldrama.net
http://www.thisrules.net
Page 1 of 1  sorted by
 
Quick Reply

Please log in to post quick replies.

Tweet this page Post to Digg Post to Del.icio.us


Create your own FREE Forum
Report Abuse
Powered by ActiveBoard