In the past few days we have received many emails from “the Federal Reserve”:
Since they are not legitimate we have been cataloging them on phishingemails.com.
However, they are not your typical phishing scam. Sure it is a lure, but the bad guys are not here to gently ask you to fill in a form to steal your credentials. They are choosing the brute-force method:
Clicking on the link triggers a series of exploits:
You can see how it works its way:
From Outlook’s email, to Internet Explorer (click on the link) to a Microsoft Help Center exploit…
The bad guys are using a URL shortener and then off we go to exploit land:
That way you end up with a Trojan on your PC, and maybe a couple of fake AVs…
Thankfully my phishing trap is a VM image I can reset easily…
Jerome Segura
Leave a reply
