Login

Register

Login

Register

#cybersecurity | #hackerspace |

COVID-19 Phishing Update: Email Posing as Scam Guidance Delivers Malware Instead


The novel coronavirus is giving opportunistic threat actors new means of deploying malicious lures on unsuspecting targets. Today’s example shows the attacker leveraging the pandemic by offering guidance on how to avoid coronavirus scams. Unfortunately, it’s also a scam.

We are providing ongoing updates on coronavirus-themed attacks observed by the PhishLabs team. This post and others are meant to help the security community stay up-to-date on how threat actors are exploiting the pandemic. 

 

 

This lure is targeting a large global financial institution.

Sender address: contact@affmote.com

 

INC1719700_Ursnif

Clicking on the link redirects you to affmote[dot]com/WLGf4L49kgtfESv4u.php where the target is prompted to provide extra verification in order to access the document. This extra step serves a dual purpose for the attacker by keeping security researchers or bots from finding the malware rather than the intended victim.  

 

ursnif scam 2

 

Enabling the malicious Word document results in the download of Ursnif malware, a highly active and stealthy banking trojan. 

 

Screenshot from 2020-03-30 19-46-46 ursnif

 

The information that this particular lure promises is not unique in nature. Phishing attacks exploiting coronavirus information from health and government officials are spanning a variety of channels nowadays, and tips on how to avoid being a victim are everywhere. Attackers interested in capitalizing on the public’s need for COVID-19 updates need only to similarly look to authority figures on the subject, and mirror their messaging. 

For more intelligence on COVID-19 threats, see our ongoing coverage.

https://securityboulevard.com/

*** This is a Security Bloggers Network syndicated blog from The PhishLabs Blog authored by Jessica Ellis. Read the original post at: https://info.phishlabs.com/blog/covid-19-phishing-update-email-posing-as-scam-guidance-delivers-malware-instead



Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW