Facebook subject to campaign that combines phishing and malware

MX Lab detected a large new campaign targeting Facebook users. The campaign combines phishing techniques with the download of malware and a PDF exploit from the web site.
The phishing campaign has the same characteristics as the previous campaign that we have posted:
Facebook account update (part 1)
Facebook account update (part 2)
The message is being sent from the spoofed [...]

MySpace subject to phishing campaign

Social networks are often subject to phishing and today MySpace is the target. MX Lab intercepted some messages from MySpace <message-*********@message.myspace.com> – where * stands for a random letter and number combination. The from address is obviously spoofed.
The body of the email:
Dear MySpace user!
Please be informed that you are required to update your MySpace account.
Please update [...]

PayPal phishing in attachments

Yesterday MX Lab reported on a phishing email that has no URL but instead an attached HTML document with a web form included. Since then we have seen more similar cases, and PayPal is also subject to this technique. The sender's address shows us “www.paypal.com” <service@paypal.com> but this is spoofed. The email was sent from 69.128.90.226, an [...]

Phish of Banca Agricola Popolare di Ragusa has no URL but is in an attachment

In almost every phish email there is a URL leading to the phishing site where you are asked for a login, password and other personal information. With the latest phish targeting Banca Agricola Popolare di Ragusa the URL is not inside the email but there is an attachment in HTML format. The goal of this trick [...]

Email regarding Facebook account update is a phish

After a virus campaign, MX Lab now also intercepts a phishing campaign targeting Facebook users.

The From address is obviously fake and not related to Facebook in any way. This email in particular was directing users to the phishing site hxxp://www.facebook.com.saxzask.me.uk/globaldirectory/LoginFacebook.php?ref=******&email=info@****.com. Unfortunately, this host was already down when we visited, so we didn’t have the chance to [...]

Paypal phishing: take online survey and receive money

MX Lab is intercepting phishing messages that target PayPal users. The email comes from the spoofed address “Pay Pal.Inc” <Account0909Sur@pay.com> with the subject “Confirm refund request – Identity Verification”.
The contents of the email:
Dear client,PayPal
CONGRATULATIONS!
You have been chosen by the Online Department to take part in our survey.
In return we will credit $99.0 to your account [...]

Google Adwords subject to phishing

Today, Google Adwords is subject to a phishing campaign. MX Lab intercepted several messages stating that there is an issue with your Google Adwords account.

The message appears to be coming from Adwords@google.com but this address is spoofed. The origin is from User localhost (127.0.0.1) with the connection IP 128.175.13.92 and listens to the host name [...]

New Paypal phish contains fake order and payment details to mislead receiver

At MX Lab we quite often intercept very good phishing emails. This newest PayPal phishing email came to our attention because it contains a false order and payment transaction in order to mislead the intended receiver.
The intended receiver will open such a message and notice that a payment has been made towards, in this case, [...]

Phishing PayPal email includes web form

One of the latest phishing emails with the subject “PayPal Forma ID PP697” caught our attention because it included a complete HTML form inside the email. The phishing is regarding a refund request and the amount would be transferred to your credit card within 5 or 7 days.

The form seduces you to [...]

Phishers use Federal Reserve Bank to warn about phishing

Phishers send out a warning regarding a country-wide phishing attack and use the Federal Reserve Bank as the origin. The email is sent from Corporate Banking Alert <cmsupport@federalreservebank.com> – this is spoofed because the real SMTP From address is quite different.
Some subject samples:
Federal Reserve Bank – Urgent Security Notification
Federal Reserve Bank – Customer Service Notification
Body [...]