A Dispatch


October 07, 2011

Malware Links to main.php

Over the past few days, a persistent jerk has been trying to lure unsuspecting email users to visit what I believe to be malware delivery web pages. The social engineering tactics have ranged from the ACH transaction threat to fake iPhone pre-release info to today's invoice-related nonsense:

From: [a non-existent sales-related account at my domain]
Subject: Re: End of Aug. Statement Required

Good day,
as reqeusted I give you inovices issued to you per sept.
Download Invoice

One point that all of these attempts have in common is that the URLs lead to a main.php destination at a variety of domains. That makes them easy to spot with a hover of the cursor before clicking.

Another point that pleases me even more is that the freshly-minted domains employed for these attacks have been suspended very quickly. Somebody is watching this ass very closely. How long will it take for him to give up?

Posted on October 07, 2011 at 11:03 AM