Bogus wire rejection notices lead to exploit kit
Posted on 20.07.2012
Fake notices about a rejected wire transfer have been hitting inboxes around the world, trying to trick recipients to download the attached malicious file, Sophos warns.

The emails in question usually appear to be a reply to a previous email or a forwarded one, and contain the words "Wire Transfer Confirmation" and occasionally bogus reference numbers in the subject line:


By opening the attached Wire_AMBA01-Rejected.htm file, the users are firstly directed to a webpage displaying a "Please wait a moment. You will be forwarded..." message, then redirected to a compromised Russian website hosting the Blackhole exploit kit.

If the exploit kit manages to find vulnerabilities to take advantage of, the users are served with a number of malicious payloads.

As always, users are advised to never open attachments from unsolicited emails.






Spotlight

Email scammers stole $215M from businesses in 14 months

Posted on 29 January 2015.  |  In 14 months there have been nearly 1200 US and a little over 900 non-US victims of BEC scams, and the total money loss reached nearly $215 million.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Jan 30th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //