Fake AFP websites

Posted on Posted in Blog

Another alert from our buddies over at Trend Micro: Fake AFP websites spreading TorrentLocker after changing their social engineering target. At the present we have seen 101 fake websites (the list is still growing) We advise users: – Not to enter Captcha codes to any penalty / police related website. – Be especially careful about anything purporting to be a traffic infringement or the AFP (use the phone to confirm any such email). tl:dr – Always verify the integrity of a website – look for “https” and proper certificates. If you believe you may be infected, turn off the computer […]

Cryptolocker 4 alert

Posted on Posted in Blog

New alert from our friends over at Trend Micro: Two Ransom-ware outbreaks are happening right now: Australia Post and Cryptowall Attachment. The spam (distributing Cryptowall 4) is using an obfuscated JavaScript attachment. (Spam mails are already detected by the latest AS full pattern 2092). The obfuscated JavaScript downloads malicious content from URLs such as: hxxp://dertinyanl.com/img/script.php?tup1.jpg … hxxp://yalcingulten.com/dbsys.php At the present we have seen 85 fake Australia Post websites (the list is still growing): hxxp://adventuredmc.com/JXZ9TMtUgiI/VvqyrjDo.php … hxxp://wilanowski.net/uUJTW/9oyONj.php We advise users: Not to enter Captcha codes to any postal tracking site Not to open invoice / refund attachments from email (Cryptowall) Be especially careful about […]