专家警告说,新的基于网络钓鱼骗局

The SANS Internet Storm Center published a warning on Wednesday about an active phishing campaign that utilizes PDF attachments in a novel ploy to harvest email credentials from victims.
According to the SANS bulletin, the email has the subject line “Assessment document” and the body contains a single PDF attachment that claims to be locked. A message reads: “PDF Secure File UNLOCK to Access File Content.”
Related Posts
Clicking on a link to unlock the document opens the PDF document using the computer’s default viewer. A dialogue box then appears above the PDF prompting the user to input their email address and password.
“This is an untargeted phishing campaign. They are not going after the most sophisticated users. They are going after Joe Cubicle that may not think twice about entering credentials to unlock a PDF,” said John Bambenek, handler at SANS Internet Storm Center.
Bambenek suspects that attackers are harvesting credentials in hopes of gaining a small foothold into a company via an email account or to perpetuate further phishing scams.
The email says it’s from VetMeds and the PDF is identified as a VetMeds assessment. Once opened, the contents of the one-page PDF indicates that the document is a SWIFT (Society for Worldwide Interbank Financial Telecommunication) banking transaction.
“It doesn’t matter what email address or password you input into the fake unlocking mechanism. The document is opened and anything you input is transmitted to the spammer,” Bambenek said.
一分钟的信息安全意识动画片,轻松演绎企业信息安全基础知识。
Computers configured to open PDF documents via the Adobe PDF reader are cautioned via a security warning dialogue box before opening. The message reads: “The document is trying to connect to… If you trust the site, choose Allow. If you do not trust the site, choose Block.”
Bambenek points out that Microsoft’s Windows 10 uses the Microsoft Edge browser as default PDF reader. And when Edge opens the VetMeds PDF, unlike with Adobe, no warning message is presented to the user.
SANS says it is unclear what the size and scope of the phishing campaign is. According to Bambenek, over the past few days, SANS has been forwarded a number of these phishing emails from across the country.
“Be wary of emails from domains that don’t match the contents, note that encrypted PDF documents are not locked this way (and will never ask you for your actual email password anyway), and look for other inconsistencies that give these away as scams,” he advises.
SANS互联网风暴中心发布警告星期三 有源网络钓鱼运动,利用PDF附件在从受害者的电子邮件凭据新收获策略。

根据SANS的通报, 电子邮件的主题行
相关文章
点击一个链接打开文件打开PDF文件使用电脑
Bambenek怀疑攻击者在获得一个小小的立足点为公司通过电子邮件帐户或延续进一步的网络钓鱼诈骗的希望收获的凭据。
电子邮件说
电脑配置为打开PDF文件obe PDF阅读器是通过一个安全警告对话框警告打开之前。消息读取:
有时电商帐户里会有些钱没能及时花掉,就成了黑客的美餐,京东这些电商要减少因用户的过错而引起的麻烦需要加强用户的安全意识教育。
Bambenek指出,微软
没有说不清楚的钓鱼活动的规模和范围是什么。根mbenek,几天过去了,没有被大量的这些钓鱼邮件来自全国各地。
网络时代的保护隐私令人头痛,互联网广告公司使用程序分析用户历史行为,并进行预测,提供定向的个性化广告,那些社交攻击的黑客们和喜欢进行人肉搜索的家伙们在使用这些类似的功能。

猜您喜欢

家造网销售部新员工入职培训完美落下帷幕
如何识别和防范假冒WiFi热点
适用于所有行业的HSE在线培训课件
曝海马新车规划 福美来1.2T/S7 1.8TGDI
PROVIDENCE KIBOOSDEALS
无节操黑客为不良搜索公司蝇头小利而入侵其竞争对手并窃取商业机密