Blog

New Man-in-the-Middle attacks leveraging rogue DNS

New MitM attacks impersonate banking sites without triggering alerts

PhishLabs has observed a new wave of "Man-in-the-Middle" (MitM) attacks targeting users of online banking and social media. Customers of more than 70 different financial institutions are being targeted. In these attacks, hackers use spam to deliver malware that changes DNS settings and installs a rogue Certificate Authority...

“Your ACH Transaction” Spam Leads to Malware

PhishLabs has discovered a new malware campaign in which spam email poses as an alert from NACHA regarding a failed ACH transaction. If a vulnerable user clicks the enclosed link, they will be infected with malware. Users receive an email message which appears as follows:

From: [email protected] [mailto:[email protected]]
Sent: Thursday, February 24, 2011 9:47 AM
To: Denise Muns
Subject: Your ACH transaction

The...

Advancements in Phishing Redirector Scripts

Almost since the beginning of phishing, attackers have created simple webpages that redirect users to another URL that contains the actual phishing form. They do this for several reasons. If their phishing site is shut down, they can simply change the destination of the redirect to point to another phishing site. This means that everyone who receives an email with the redirector link and...