Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Malicious PDF sent in massive scam to Colombian users claiming to be from Credit score agency

Security News






Speedup My PC
Reply
  #1 (permalink)  
Old 03-29-2014
Steve's Avatar
Moderator
 

Join Date: Sep 2006
Location: Emerald Isle
Posts: 88,036
Steve has a brilliant futureSteve has a brilliant futureSteve has a brilliant futureSteve has a brilliant futureSteve has a brilliant futureSteve has a brilliant futureSteve has a brilliant futureSteve has a brilliant futureSteve has a brilliant futureSteve has a brilliant futureSteve has a brilliant future
Thanks: 24
Thanked 177 Times in 45 Posts
Malicious PDF sent in massive scam to Colombian users claiming to be from Credit score agency
We got reports for a massive scam sent to colombian users claiming to be from one of the two credit score agencies in Colombia. The agency is called Datacredito, affiliated to experian. The following e-mail was received:
This e-mail poses as an alert for a false negative report to the credit agency. It comes with an attached PDF with the following information:

The file does not show malicious payload when scanned by antimalware software. However, this file has a PDF structure. Ater using PDFStreamDumper for reviewing, the following interesting information appeared:

This PDF has malicious scripting, which instructs the reader to download and execute the URL shown in the previous URL. After downloading the file shown in that URL, which is live at this time, a keylogger is downloaded.
Malicious PDFs are still a problem. If you want to avoid falling into one of this scams, please remember the following:
  • Have the last version of acrobat reader installed in your computer
  • Do not open attachments from unknown sources
  • Do not enable scripting in your acrobat reader configuration. Keep it turned off.
Manuel Humberto Santander Peláez
SANS Internet Storm Center - Handler
Twitter:@manuelsantander
Web:http://manuel.santander.name
e-mail: msantand at isc dot sans dot org
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

More...
Reply With Quote
Sponsored Links
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
More massive malicious spam! This time claiming to be from Almacenes Exito, (Fri, Apr 12th) Steve Security News 0 04-13-2013 00:50
Massive Google scam sent by email to Colombian domains, (Wed, Apr 10th) Steve Security News 0 04-10-2013 22:30
New e-mail scam targeting Colombian Internet users: This time claiming to be from the Transport authority, (Sat, May 26th) Steve Security News 0 05-27-2012 07:50
The Doctor Will See Your Credit Score Now Steve General Technology News 0 01-19-2008 06:40




All times are GMT +1. The time now is 23:37.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120