We captured a spam mail in our honeypot
system earlier. It attempts to fool the targeted user that e-gold
Ltd has come up with a ‘new security system’ that can be accessed
just by a click of a button. It also promises a number of safety
features that the said new system offers. But, that is just part of
their scam!
It uses social engineering to convince the targeted user to do what
the greedy scammers want to.
It displays a dialog box (see below) when the attachment is
executed. But, an average user will not notice that a malicious
program has been installed on his system as soon as he/she sees the
dialog box.
This malicious program will monitor the internet activity of the
affected system. If the monitored websites have been sensed by the
malicious program, its keylogging capability will be triggered.
These techniques of this malware, social engineering thru spam
combined with unnoticed malicious program, can add up to increasing
cases of identity theft.
As always, security awareness is a major concern. We better not
trust emails that we are not sure of its origin or sender
especially those with executable attachments. Be aware!
Additional details can be found here.
system earlier. It attempts to fool the targeted user that e-gold
Ltd has come up with a ‘new security system’ that can be accessed
just by a click of a button. It also promises a number of safety
features that the said new system offers. But, that is just part of
their scam!
It uses social engineering to convince the targeted user to do what
the greedy scammers want to.
It displays a dialog box (see below) when the attachment is
executed. But, an average user will not notice that a malicious
program has been installed on his system as soon as he/she sees the
dialog box.
This malicious program will monitor the internet activity of the
affected system. If the monitored websites have been sensed by the
malicious program, its keylogging capability will be triggered.
These techniques of this malware, social engineering thru spam
combined with unnoticed malicious program, can add up to increasing
cases of identity theft.
As always, security awareness is a major concern. We better not
trust emails that we are not sure of its origin or sender
especially those with executable attachments. Be aware!
Additional details can be found here.
