Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Phishing scam peddling malicious software impersonates Google reCAPTCHA

 

An e-mail phishing campaign just discovered was seen distributing malicious software with the aid of one fresh technique that disguised its payload with one phony reCAPTCHA system supposedly of Google. Sucuri the cyber-security company explains the campaign targeted certain Polish bank along with its customers even as it masqueraded as Google reCAPTCHA protocols as well as utilized panic-creating tactics so victims could be made to follow rogue web-links implanted on the scam electronic mails.

 

Recipients of the e-mails were prompted to confirm one recent transaction while they should click on certain link leading onto one malevolent PHP file. According to Sucuri researchers, following the web-link and landing on the rogue PHP file resulted in one phony "404 error" web-page. Thereafter, one phony Google reCAPTCHA would get
loaded via the PHP file, and the loading would utilize JavaScript and HTML elements in combo. The reCAPTCHA system is a validation system that helps identify bots distinctly from actual website visitors.

 

The researchers stated that the phony reCAPTCHA appeared authentic while it made the landing web-page give a feeling of legitimacy to the victims. According to Luke Leal security analysts te Sucuri, the fake landing web-page effectively copycats Google's reCAPTCHA; however, as it depends upon static things, there would never be any
changes in the images till of course the rogue PHP code gets altered. It as well does not perform audio replay as different from the actual version, Leal adds. www.zdnet.com posted this, February 22, 2019.

 

While within its Android version, the malicious software has the ability to interpret the target mobile device's contacts, area of existence, and state. It scrutinizes as also dispatches SMS messages, records audio, dials phone numbers for talking as well as filches certain kinds of sensitive information. Anti-virus software programs have detected the Trojan as Artemis, Evo-gen, BankBot, Banker, and more.

 

Leal suggests when tackling the kind of Trojan, one must erase the files inside an associated complaint; nevertheless, it is strongly urged that administrators scrutinize any database and website file in existence too for malicious software. Moreover, all passwords should be updated for preventing the attack.

 

» SPAMfighter News - 2/27/2019

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next