A recent Australian Tax Office phish is using an interesting technique to try to appear legitimate: it spoofs the controls for the Adobe Acrobat in-browser PDF viewer.
Would-be victims are seeing a web page form in the browser, but it almost looks like they’re viewing a PDF document that’s making use of javascript forms. Like most tax related phish it promises them a refund if they’ll only provide their bank card details.
Almost every day I speak with a bank somewhere about phishing. I ask them how much of a threat is it, what are they doing about it, and how does it affect their business. Surprisingly, the answers I get vary quite a bit from one organization to another. Most are concerned about the costs of […]
PhishLabs has discovered a new malware campaign which appears to be an alert from NACHA regarding a failed ACH transaction. If a vulnerable user clicks the enclosed link, they will be infected with malware. Users receive an email message which appears as follows: From: [email protected] [mailto:[email protected]] Sent: Thursday, February 24, 2011 9:47 AM To: Denise […]
Almost since the beginning of phishing, attackers have created simple webpages that redirect users to another URL that contains the actual phishing form. They do this for several reasons. In case their phishing site is shutdown, they can simply change the destination of the redirect to point to another phishing site. This means that everyone […]
