CERT mailing list archives

Current Activity - Ongoing Phishing Attack

From: Current Activity <us-cert () us-cert gov>
Date: Fri, 18 Mar 2011 09:48:45 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Ongoing Phishing Attack

Original release date: March 18, 2011 at 8:25 am
Last revised: March 18, 2011 at 8:25 am


US-CERT is aware of public reports of an ongoing phishing attack. At
this time, this attack appears to be targeting PayPal, Bank of
America, Lloyds, and TSB users. The attack arrives via an unsolicited
email message containing an HTML attachment.

This attack is unlike common phishing attacks because it locally
stores the malicious webpage rather than directing user to a phishing
site via a URL. Many browsers utilize anti-phishing filters to help
protect users against phishing attacks, this method of attack is able
to bypass this security mechanism.

US-CERT encourages users and administrators to take the following
measures to protect themselves from these types of phishing attacks:
  * Do not follow unsolicited web links or attachments in email
    messages.
  * Use caution when providing personal information online.
  * Verify the legitimacy of the email by contacting the organization
    directly through a trusted contact method.
  * Refer to the Recognizing and Avoiding Email Scams (pdf) document
    for more information on avoiding email scams.
  * Refer to the Avoiding Social Engineering and Phishing Attacks
    document for more information on social engineering attacks.
  * Refer to the Using Caution with Email Attachments Cyber Security
    Tip for more information on safely handling email attachments.

Relevant Url(s):
<http://www.us-cert.gov/cas/tips/ST04-014.html>

<http://www.us-cert.gov/reading_room/emailscams_0905.pdf>

<http://www.us-cert.gov/cas/tips/ST04-010.html>

====
This entry is available at
http://www.us-cert.gov/current/index.html#ongoing_phishing_attack

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTYNirD6pPKYJORa3AQLwmAf9GQjjPGQOzT5cJzsg1SVk7sDFIOEGKLoK
RYIQcTs3Am7pcMYympTm+HgyhANGeLLRU7k7KSK6A81RxqVo/TGl3kZGuUOW8JGI
n4ZB7TLcTo5mbXHm/iqIO6sGHncOA6gWmrqDyOiLGl+1rpZuMDwJNwN6JY5/G8QX
YqJ0Lao8rvo+XJmhmnLWDfKmDbAE7asVUwRLWsI/u4GWIQ+j4EH5rjF1zDFBoeIH
XuNguW2kj0Knyc+ySguXISWidCfld0Usym77K7byQ1tN1PZGvCj993zInY1KwBcX
87iyvgkUmZlbBcXpZ4er5O+L39y9roUxwqipdvbXQ/rlO37nDk+S+g==
=YpvV
-----END PGP SIGNATURE-----
Current thread:

Current Activity - Ongoing Phishing Attack Current Activity (Mar 18)