Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Quote
Websense® Security Labs™ has received reports of a new attack that targets AOL customers. Users receive a spoofed email from the security department at AOL. The email claims that AOL had a security breach over the weekend and that confidential information may have been compromised. The email also requests that users connect to a website to download and install a new security patch, which will protect their information.
When users click on the link, they are redirected to a fraudulent website...This site hosts a piece of malicious code, named patch.scr, which is written in Visual Basic and uses Yoda Crypt. When the file is run, a wizard opens to guide users through the disclosure of their confidential account and billing information, including their account limit.
When users click on the link, they are redirected to a fraudulent website...This site hosts a piece of malicious code, named patch.scr, which is written in Visual Basic and uses Yoda Crypt. When the file is run, a wizard opens to guide users through the disclosure of their confidential account and billing information, including their account limit.
Full report and email snapshot here.
Back to top
