Antivirus Upgrade leads to Phishing

 Analysis by: Dhan Praga

Social Engineering brings a new phishing attack, with a message supposedly from a Web administrator of an email service provider. The email tells the user that a virus has been detected on their system. To prevent damage to both the service provider's webmail log and the user's important files, the user must upgrade to the latest version of their antivirus which can only be downloaded from a website linked in the mail. This attack is dangerous due to the fact that it preys upon a user's desire to keep himself protected from threats.

The message goes on to tell the user the exact steps that must be followed, which is where the phishing comes in. For the antivirus to be automatically upgraded, the user needs to enter their email account details correctly, including the password. Should the user actually go on to enter their details in the Web page that the link leads to, however, a notification will be displayed saying that the user has used up their submission quota. 

Users are advised to be careful whenever reading emails of this nature, even if they are familiar with the source.

 SPAM BLOCKING DATE / TIME: March 03, 2011 GMT-8
  • ENGINE:6.5
  • PATTERN:7990