The panicked frenzy of tax season’s end has long carried with it an uptick in fraud and theft. This year is no different, with fraud activity rising in both quantity and sophistication after April 17.
In an interesting example of this year’s campaigns, North Americans were targeted with the banking trojan known as URSNIF. Rather than being delivered as an attachment to a phishing email, the trojan came via a VBScript downloader that brought a .ZIP file, all launched by a click on a specific URL.
According to researchers at Trend Micro, the URL was part of a phishing email that mentioned possible tax problems and invited the recipient to click on the URL for more details. Once clicked, a page opened that looked like a legitimate tax information site. Buried in the code for the site, though, was obfuscated code for the VBScript downloader, which pointed to one of more than 100 URLs under 20 or more domains.
For more, read here.
Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio