The latest phishing scam is in the form of a fake terminated funds transfer email. The email, see image below (with account info blocked out), as with all phishing attempts, relies on the recipient being curious enough, fearful enough, and or angry enough to click one of the links to find out more information about the issue reported in the message. In this case, clicking on any of the links will lead to the Blackhole exploit kit, a very nasty actor which, among other things, is an effective banking malware, being placed on the victim’s computer from a malicious Internet website.
The scary thing about this one is that, “According to Webroot, when this malicious campaign was first spotted and analyzed more than a week ago, the malware in question was detected only by two of the 43 AV solutions used by VirusTotal. Since then that number has reached 15, but that is still a very poor detection rate.” In other words, this malware is difficult to detect by most anti-virus software at this time.
My advice to avoid being infected by this or any phishing attempt is as follows:
- Be extremely suspicious of any email message you didn’t expect…don’t open it…Think Before You Click.
- If you do open it, look closely at the email for misspellings, grammar errors, typos, all usual flags that an email isn’t authentic.
- Never click on a link before checking it’s legitimacy (hover your cursor over it and look at the URL it references at the top of your browser. If it’s not the place you think you should be taken to, don’t click on it. Or better yet, use another method of communication (phone, etc.) and check out the validity of the message.
- Trust your intuition, gut feeling, conscience, that little voice in your head, or whatever it is that tells you there may be a problem, and don’t click on anything.
Reference: Net-Security.org article
Be very careful…it’s dangerous out there.
I hope you enjoyed this article; and if you’d like to receive an email when a new article is posted, please sign up for an email subscription on my home page. Don’t worry…I won’t give your email address to anyone…No One; I hate spam too. Please share my blog with your friends and family. I’m also on Twitter @PaulsInternet .
Images courtesy of FreeDigitalPhotos.net and FreeByte.com