The following are a couple of examples of phishing that I have received in the last few hours.
The first of them is posing as a bank to request customer data on a false page. The content of the message is an image that simply links to a suspicious destination, as can be seen in the following screenshot:
Fake email that simulates being sent by the bank
The fake website of the bank has already been removed, but it is possible that attackers will raise another to take advantage of the redirect link. Although at first glance the deception is not difficult to detect … as a general rule when receiving any notification from the bank, the ideal is to access the web directly by typing the URL in the browser, never through the links or files received.
The second example It has a much more polished design, it simulates being a multimedia message (MMS) sent by a girl. To see it you have to click on a link that ends by downloading a Trojan called ver_mensaje.exe:
The domain used for this attack is very similar to that of Movistar, but it does not belong to the company, it was registered on December 5 (see whois) and is still active, although some filters are already blocking it (for security, try not to enter ).
The downloaded file is a Trojan that infects the system to steal information and turn it into a bot, that is, a computer that is part of a botnet. The following is a screenshot of VirusTotal:
To make the deception more credible, the Trojan has added a custom icon as you can see in the following screenshot:
The .exe file extension does not appear because by default in Windows the display of extensions is disabled. For security it is good to activate them to at least know what types of files are being opened.
Remember to make common sense with the emails you receive and be very careful with the links!
Thanks bubytres and David for the submissions.
Related: Video: false image infecting Windows.WOT, add-on for safer browsing.