A new Merrill Lynch phish is hitting the rounds, with a dangerous payload.
The phish typically looks something like this:
Subject lines include �New ML Business Centre Login Page�, �Merrill Lynch Business Centre with new Login Page?� and �Merrill Lynch Business Centre Website changing marketing process.�
The phish points to a website which pushes a new �certificate� that is needed.
The �Certificate� is a variant of Papras, a data-stealing trojan. However, don�t expect it�s only Merrill Lynch. We believe that this trojan is being used in a similar Colonial Bank scam, and there are likely others.
Alex Eckelberry
No comments:
Post a Comment