BBB Deactivates Website Serving Phishing E-mail with Malware

BBB lately deactivated one fake website because that website dispatched phishing e-mail feigning as an FBI message while certain file was saved in Dropbox -the file was actually malware. The bureau cautions end-users against file-sharing websites while downloading files from them no matter whether the associated e-mail looks as being sent from a known source. BBB.org published this, August 26, 2015.

A BBB committee -Council of Better Business Bureau- uses the services of Corporate Services Committee to shutdown illicit sites that imitate BBB or utilize the agency's intellectual property alternatively try hacking its computer network. Notably, CBBB helped shutdown almost 200 fake sites starting November 2011 the time BBB's logo and name were first exploited within one phishing scam.

The bureau says the assault fundamentally involves an e-mail that some known person apparently sent having one web-link leading onto certain file, which claims itself as downloaded from any of the OneDrive, Google Drive or Dropbox file-sharing websites Incase the web-link is clicked, two typical events occur.

Within one, the assault uses certain file with malicious software downloaded. Malicious programs exploit software flaws like in document reader, browser in addition to flaw in operating system. But, if the assault is more sophisticated it directs the end-user onto one web-page, which imitates one well-known file-sharing site that's cloud-based, while asks for the end-user's password and account name. Incase the information is entered; attackers could access that end-user's account via using the information. Moreover, since people generally apply a common password for several site accounts, the hackers become capable of accessing all accounts on different credit card, bank, or other financial websites.

Chief Security Officer Bill Fanelli of CBBB reiterates that cyber-criminals are manipulating end-users' trust when they access well-known file-sharing websites. The related electronic mails appear genuine, and seemingly from a known person. However, the web-link on the e-mails takes onto one fake site, which so defrauds the user that he types in his login details followed with the site loading malware onto his PC. Thereafter, the site dispatches phishing electronic mails for all persons on that user's address list, Fanelli explains. Cloudwards.net reported this, August 27, 2015.

» SPAMfighter News - 9/10/2015