The Weekly Top 3 - ED #40.2015

By Jon Phish, Fri 02 October 2015, in category News

malware, phishing, weekly

The Weekly Top 3 are the three most relevant news stories for the week that are related to phishing scams and activities reported in the media, security blogs and security magazines on the Internet. This week, we look at phishing activities related to the DVLA and a couple of Trojans named Dyeza and Upatre.

UK Drivers Targeted In Phony DVLA Scam

Earlier this week the Driver and Vehicle Licensing Agency (DVLA) warned UK motorist of a phishing e-mail sent by fraudsters for the purpose of obtaining personal and financial information. The phishing e-mail sent to the victims appeared to be from the DVLA, but actually contained a malicous link that forwarded them to a fake version of the DVLA website. Once the victim had viewed the page, it prompted them to enter their driver's license number and payment information under the threat of revoking their license, if they did not pay. Click on the link below to read more.

Upatre Trojan Phishing Campaign Resurfaces

"Attorney-client agreement" was the subject line of a new phishing e-mail being sent by hackers for the purpose of infecting Windows XP computers with the Upatre Trojan. The phishing e-mail referred to a court case, where the victim was involved in a breach of contract. This action tricked the victim into either downloading or executing a malicious attachment. This malware was designed to steal personal details and download additional malware to the infected computer so as to further disarm its target. Furthermore, the malware appeared to only attack computers with Windows XP, which Microsoft no longer supports. Click on the link below to read more.

Dyreza Trojan Targets The IT Supply Chain

The Dyreza Trojan has been known to steal banking credentials from its victims. However, earlier this week security researchers had found that the malware was being configured to steal credentials for the IT supply chain. Researchers found that over 20 companies who supported computer warehousing and distribution were listed in the Trojan's configuration files. This configuration would allow hackers to potentially divert computer shipments or even create new orders. Similar to the Upatre Trojan, this malware was sent to a victim via phishing e-mail. However, it logs all browser data and sends it to the hacker. Click on the link below to read more.