Phishers Bait City Workers in Seattle With Phony Speeding Tickets
Topic Started: Jan 21 2012, 04:22 PM (57 Views)
Deleted User

January 20, 2012, 1:54PM
Phishers Bait City Workers in Seattle With Phony Speeding Tickets
by Brian Donohue

According to the Microsoft Malware Protection Center and the Seattle Police Department, hundreds of individuals with Seattle.gov e-mail addresses began receiving the fraudulent parking ticket announcements on Thursday. The messages have the subject "Seattle Traffic Ticket" and claim the recipient committed one of a number of violations, including speeding.

Clicking a hyperlink in the e-mail message loads an iframe that redirects users to a Ukrainian IP address. According to TechNet, the site contains an obfuscated JavaScript that exploits a bug in the Microsoft Data Access Components (MDAC) that was patched in 2006.

If successful, the exploit will download an executable from a .ru domain. Windows is detecting the file as Worm:Win32/Cridex.B. The malware then attempts to connect via SSL to “jahramainso[dot]com.” The malware can also update itself by communicating with its command and control server. The host appears to be deploying the same file at present that was detected in the initial infection, but the authors may try to evade detection by altering the host with which it communicates.

According to a blog post from the Seattle Police Department, the email reads as follows: ……………

View here: https://threatpost.com/en_us/blogs/phishers-bait-city-workers-seattle-phony-speeding-tickets-012012
 
campy
Handyman Extraordinaire
I don't get it.

What's the point?