............ Have a nice day............
USER MENU ID IS UNDEFINED IN FINACLE MIS SERVER   Date of Implementation of "VERY GOOD" Bench Mark for MACPs effect from 25.07.2016   Expected DA from Jan 2017 – 3% or 2% ?    One minute talk time for each Rupee in Airtel Payments Bank   AICPIN for October 2016 : Chances for 5% DA from January 2017   Central Government employees retiring from January 2017 to submit online application   Pre-Budget Views of Govt. Employees for inclusion in the Budget for the Year 2017-18: Confederation i.e. Scrap NPS, Minimum Wage Rs. 26,000 & Fitment Formula etc   On Salary Week, Banks Unlikely to Meet Demand for Extra 1 Lakh Cr   82 per cent ATMs dry because government used that money to pay its own employees   National Anthem Before Movie, Rules Supreme Court. Citizens 'Duty-Bound' To Show Respect    undefined

Tuesday, 9 December 2014

Beware: Fake Browser Warning Delivers Malware

Threat analysts at PhishLabs have encountered a fake browser warning which, when acted upon, delivers the Zeus (Zbot) malware.
Credit: PhishLabs
Credit: PhishLabs
Of course, this type of social engineering attack is quite commonplace these days but what makes this one standout, and the main reason we are bringing it to your attention, is the convincing nature of the warning message.
It includes the usual social engineering earmarks, praying on the fears of users…

We have detected unusual activities on your browser and the Current Online Document File Reader has been blocked base on your security preferences.
However, there are two key elements which differentiate this malicious prompt from most:
  1. The language and grammar used in this message is noticeably superior to the norm. Poor grammar and spelling are generally good indicators of fake warnings or messages, but this one, while still not perfect, is way more accurate than most.
  2. The design of the warning notice is also superior, closely resembling legitimate alerts issued by popular browsers.
Clicking the “Download and Install” button will, of course, lead to the Zeus malware, a highly malicious trojan that steals online banking credentials and makes infected computers part of a botnet.
Overall, we believe this one has the potential to fool quite a few unwary users, hence this advisory.
**At time of publication, exact circumstances of how this fake notice is being delivered remain unknown. However, PhishLabs’ investigation is ongoing.

No comments:

Post a Comment