With US-CERT issuing an alert surrounding Dyre, the Pittsburgh Tribune Review takes a closer at the malware, discovered by PhishMe in June.
Attackers Go Back to School: Phishing From .edu Leads to ZeuS
On October 28th, several of our employees reported a wave of suspicious emails. The most peculiar of the bunch originated from an American university. Here is a screenshot of the phishing email:
Figure 1 — Phishing Email
Hackers find suppliers are an easy way to target companies
In this Financial Times article, PhishMe CEO Rohyt Belani discussed how attackers research targets for spear phishing attacks.
Phishing email delivers keylogger malware, also takes screenshots
SC magazine highlighted recent research from PhishMe that detailed keylogger malware reported through a phishing email.
.NET Keylogger: Watching Attackers Watch You
Throughout life, there are several things that make me smile. Warm pumpkin pie, a well-placed nyan nyan cat, and most of all – running malware online – never fail to lift my mood. So imagine my surprise to see, after running a malware sample, that the attackers were watching me. Here’s a screenshot of a phishing email we received, which contained a keylogger written in .NET.
Figure 1 — Screenshot of phishing email
National Cybersecurity Awareness Month 2014
With National Cyber Security Awareness month (NCSAM) upon us, the national spotlight is on best practices to stay safe and protect your data online. Thanks to the support of the National Cyber Security Alliance, Department of Homeland Security, and the White House , the month of October will feature a number of initiatives designed to increase the knowledge base about cyber security issues with the general population and promote DHS’ “Stop. Think. Connect.” program to empower individuals to be safer online. PhishMe is proud to participate by being a 2014 NCSAM champion, and have made a number of resources available to individuals looking to learn more about how to protect themselves from phishing, and to organizations trying to change their users’ behavior with more effective employee security training programs.
