Wednesday, April 26, 2017

Financial Malware In Delta Air Payment Receipts

Researchers have identified spam emails imitating Delta Air payment receipts that spread financial and banking malware. This new phishing campaign takes advantage of summer-season purchases. Heimdal Security discovered that these spam emails, disguised as Delta Airlines receipts, are designed to trick victims into downloading malware. The attacker sends fake confirmation emails to victims, who panic under the impression that someone booked a ticket using their identity and click the email's embedded links. The links redirect them to compromised websites, which load malicious Word documents onto the user's system. Such documents are usually infected with Hancitor malware, which acts as a "bridge" for additional malware downloads. The malware is activated when the user downloads and executes the document; it then connects the victim's machine to the attacker's server.

Best Practice:
Don't open attachments from unknown senders or in spam emails. The attachment might contain malware.
