Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« Phony iTunes Gift Certificate Notice | Main | It's Wednesday »

November 22, 2011

main.php Malware Lure du Jour

Attempting yet another adrenalin-rushing trick to get you to click a link:

Subject: Need your help!

Hello! Look, I've received an unfamiliar bill, have you ordered anything?
Here is the bill

Please reply as soon as possible, because the amount is large and they demand the payment urgently.

Looking forward to your answer

Fingerprint: 41723bdf-658c9e0a

As with the most recent rash of these, the link is to an HTML page inserted into a hijacked web site. That page loads an iframe whose obfuscated JavaScript content comes from a main.php program on a Russian site. Follow my trail of woe about this scheme.

Posted on November 22, 2011 at 12:23 PM