About

Symantec: phishers spreaders Heartbleed

By Richard - Saturday, 26 April 2014 No Comments
Symantec recently detect phishing emails related to Heartbleed Bug. Phishers attempt to collect information by posing as an insurance service U.S. military attack with messages about Heartbleed.
Bug Heartbleed is a newly discovered security vulnerabilities that affect OpenSSL versions 1.0.1 up to 1.0.1f. This vulnerability is fixed in OpenSSL 1.0.1g. Symantec security report provide greater detail on the bugs and offer steps to fix it.

Spammers and phishers are known to use news and popular topics to disguise their payloads. In the case of a phishing email, phishers often use security concerns to justify and disguise their social engineering methods. The contents of this email try

to force the incoming message recipients to divulge sensitive information.

In this case, phishers send an email like this.

 There are a couple of interesting things from the above example that must be disclosed .

    
According to the X - Mailer header , sender using a very old email client ( Microsoft Outlook Express 6.00.2600.0000 ) . Although many users are still using the old email software , it is highly unlikely the modern online business will use a desktop email client to send security notifications .
    
Note the unusual grammar to use "has initiate " . Often, phishers will try to capitalize on new topics quickly . As such , they usually will make grammatical errors because of the pressure to deliver new phishing soon as possible . Email phishing is also often delivered by people who do not speak English as their first language .
    
In addition , it aims to be a phishing email security warnings from U.S. military service leading insurance but contains the " Sign In" which actually refers to a Turkish manufacturing site that has been compromised .
While this is not an exhaustive list of the factors to identify phishing email , it highlights some of the irregularities and inconsistencies that are often seen in the spread of phishing .
As stated in the official Advisory Heartbleed Symantec , Symantec warns users to be wary of any email that asks for personal information that is new or updated . Users should not click on any link to reset the password or the software updates in the message . If users need to update or change their personal information , you should immediately visit the website .

No Comment to " Symantec: phishers spreaders Heartbleed "