|
IT Developments
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Fake Payment Request Attack Ramps Up
- From: Brian Warkoczeski
- Date: Thu Nov 19 16:31:09 2009
Fake Payment Request Attack Ramps Up
By Erik Larkin
Nov 19, 2009
www.yahoo.com
A currently underway attack is attempting to trick victims with an
e-mail that purports to request a verification for payment to a major
company, but instead carries a Trojan.
E-mail security company Cloudmark reports seeing more than 1.6 million
of the attack e-mails, which bear a subject of "payment request from"
followed by a company name such as eBay or J. P. Morgan Chase and Co.
The body of the message says that to decline the payment, the recipient
must download and install an attached "transaction inspector module."
The .zip file attachment, of course, is no module, but a Trojan. In a
post that includes screen shots of some attack samples, Trend lists the
Trojan as TROJ_AGENTT.WTRA.
As always, your best bet to guard against the malicious e-mail
attachments used in these kinds of social-engineering attacks is to
upload attachments to a site such as Virustotal.com, which will scan the
attachment using 40-odd different antivirus engines. There's no
guarantee that Virustotal.com will positively ID a threat, but you have
much better odds with 40 engines than with the one used by your
installed antivirus.
|
|
|
