Friday, August 24, 2007 1:02 PM
cmosby
TrendLabs | Malware Blog - Seeing double
August 24th, 2007 by Dianne Lagrimas
Last month, a suspicious domain was found to be associated with a certain malware: vvindowsupdate.com. Notice the double Vs used to replace the W–an obvious way to trick users into thinking that this is the real Windows Update link. Well, phishers are picking up where this month-old tactic left off to dupe users into giving out account details. Western Union subscribers are targeted by the following phishing email:
When users mouse over the Activate link within the message, notice that the URL that it leads to is vvestreunion.com. Aside from the double v, there’s also a noticeable misspelling on the domain name. Phishers are still counting on social engineering to scam users.
It is always safe to double-check anything before believing in it. Phishing email messages are usually spammed to random email addresses, so if you receive a similar email but are not a subscriber of Western Union–or, in general, if you receive any email from any institution that you are not associated with in any way–it is recommended that you report it to Trend Micro for further investigation. It is also best to delete said message.
Source: TrendLabs | Malware Blog - by Trend Micro
Filed under: Security and Anti-Virus, Internet Explorer, Spam\Phishing